Description
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.
Remediation
References
Related Vulnerabilities
WordPress Plugin Intuitive Custom Post Order Multiple Vulnerabilities (3.1.3)
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (2.4.2)
Oracle Application Server Other Vulnerability (CVE-2007-0283)
LiteSpeed Web Server Out-of-bounds Read Vulnerability (CVE-2004-0112)