CVE-2020-28036: wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allow ...

Severity: Critical

CVSS Score: 9.8

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.