Severity: Critical
CVSS Score: 9.8
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.