CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2019-17669 – WordPress Core < 5.2.4 - Server Side Request Forgery
https://notcve.org/view.php?id=CVE-2019-17669
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters. WordPress versiones anteriores a 5.2.4, presenta una vulnerabilidad de tipo Server Side Request Forgery (SSRF) porque la comprobación de URL no considera la interpretación de un nombre como una serie de caracteres hexadecimales. • https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html https://core.trac.wordpress.org/changeset/46475 https://github.com/WordPress/WordPress/commit/608d39faed63ea212b6c6cdf9fe2bef92e2120ea https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release https://wpvulndb.com/vulnerabilities/9912 https://www.debian.org/security/2020/dsa-4 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-17675 – WordPress Core < 5.2.4 - Type Confusion
https://notcve.org/view.php?id=CVE-2019-17675
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF. WordPress antes de 5.2.4, no considera apropiadamente la confusión de tipos durante la comprobación del referente en las páginas de administración, conllevando posiblemente a un ataque de tipo CSRF. • https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html https://core.trac.wordpress.org/changeset/46477 https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0 https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release https://wpvulndb.com/vulnerabilities/9913 https://www.debian.org/security/2020/dsa-4 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-17673 – WordPress Core < 5.2.4 - Cache Poisoning
https://notcve.org/view.php?id=CVE-2019-17673
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header. WordPress versiones anteriores a 5.2.4, es vulnerable al envenenamiento de la memoria caché de peticiones JSON GET porque ciertas peticiones carecen de un encabezado Vary: Origin. • https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html https://core.trac.wordpress.org/changeset/46478 https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release https://wpvulndb.com/vulnerabilities/9911 https://www.debian.org/security/2020/dsa-4599 https://www.debian.org/security/2020/dsa-4677 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.3EPSS: 1%CPEs: 4EXPL: 2CVE-2019-17671 – WordPress Core < 5.2.4 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2019-17671
In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled. En WordPress anterior a 5.2.4, es posible la visualización no autenticada de cierto contenido porque la propiedad de consulta estática es manejada inapropiadamente. • https://www.exploit-db.com/exploits/47690 https://github.com/rhbb/CVE-2019-17671 https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html https://core.trac.wordpress.org/changeset/46474 https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308 https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2019-16220 – WordPress Core < 5.2.3 - Open Redirect
https://notcve.org/view.php?id=CVE-2019-16220
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect. En WordPress versiones anteriores a 5.2.3, la comprobación y el saneamiento de una URL en la función wp_validate_redirect en el archivo wp-includes/pluggable.php podría conllevar a un redireccionamiento abierto. In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash. • https://core.trac.wordpress.org/changeset/45971 https://github.com/WordPress/WordPress/commit/c86ee39ff4c1a79b93c967eb88522f5c09614a28 https://lists.debian.org/debian-lts-announce/2019/10/msg00023.html https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/9863 https://www.debian.org/security/2020/dsa-4599 https://www.debian.org/security/2020/dsa-4677 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •