CSRF Vulnerability in WordPress before 5.2.4
CVE-2019-17675 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
Learn more about our Web Application Penetration Testing UK.