Wordpress : Security Vulnerabilities Published In 2019 (Information Leak)

In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.
Max Base Score
Published 2019-10-17
Updated 2023-02-03
EPSS 1.58%
WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring.
Max Base Score
Published 2019-05-22
Updated 2019-05-27
EPSS 0.18%
2 vulnerabilities found
This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!