cve/CVE-2019-17669.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

1010 B

Raw Blame History

CVE-2019-17669

Description

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.

POC

Reference

https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Afetter618/WordPress-PenTest
https://github.com/El-Palomo/DerpNStink
https://github.com/El-Palomo/SYMFONOS
https://github.com/namhikelo/Symfonos1-Vulnhub-CEH

1010 B Raw Blame History

CVE-2019-17669

Description

POC

Reference

Github

1010 B

Raw Blame History