CVE-2020-28034: WordPress before 5.5.2 allows XSS associ… Posted on November 1, 2020 by Autobot WordPress before 5.5.2 allows XSS associated with global variables. View Original Source Source