CSRF Vulnerability in WordPress before 5.2.4

CSRF Vulnerability in WordPress before 5.2.4

CVE-2019-17675 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.

Learn more about our Web Application Penetration Testing UK.