Fortinet experts have discovered a vulnerability in WordPress that allows cybercriminals to bypass the JavaScript and HTML filter, thus enabling a cross-attack using malicious script.

According to the Chip portal, the vulnerability particularly affects users with an administrative account privileges. The vulnerability affects WordPress versions 5.0 to 5.04, as well as 5.1 and 5.11.

Thanks to the vulnerability, cybercriminals are able to take over control of the account and the server on which the sites operate.
If you are using WordPress versions listed above, download the security patch immediately.