| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-17675 | 6.8 |
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
|
03-02-2023 - 21:54 | 17-10-2019 - 13:15 | |
| CVE-2019-17671 | 5.0 |
In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.
|
03-02-2023 - 21:54 | 17-10-2019 - 13:15 | |
| CVE-2019-17669 | 7.5 |
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.
|
03-02-2023 - 21:50 | 17-10-2019 - 13:15 | |
| CVE-2019-17670 | 7.5 |
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
|
07-11-2022 - 19:12 | 17-10-2019 - 13:15 |