CVE-2020-28033: WordPress before 5.5.2 mishandles embeds…

WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. View Original Source Source