CSRF Vulnerability in WordPress Press This Leading to Excessive Server Resource Usage

CSRF Vulnerability in WordPress Press This Leading to Excessive Server Resource Usage

CVE-2017-6819 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.

Learn more about our Wordpress Pen Testing.