Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2019-8943
HistoryFeb 20, 2019 - 3:00 a.m.

CVE-2019-8943

2019-02-2003:00:00
mitre
www.cve.org
1

6.6 Medium

AI Score

Confidence

High

0.956 High

EPSS

Percentile

99.4%

JSON

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and …/ sequences, such as a filename ending with the .jpg?/…/…/file.jpg substring.

Related

debiancve 2
openvas 4
nessus 1
archlinux 1
prion 2
cve 2
nvd 2
veracode 1
checkpoint_advisories 1
osv 2
ubuntucve 2
wpvulndb 1
packetstorm 2
attackerkb 1
cvelist 1
zdt 2
githubexploit 2
debiancve
debiancve
CVE-2019-8943
2019-02-20 03:29:00
CVE-2019-8942
2019-02-20 03:29:00
openvas
openvas
WordPress < 5.1 Path Traversal Vulnerability - Windows
2019-02-22 00:00:00
WordPress < 5.1 Path Traversal Vulnerability - Linux
2019-02-22 00:00:00
WordPress RCE Vulnerability (CVE-2019-8942) - Linux
2019-02-22 00:00:00
nessus
nessus
WordPress < 5.0.4 Directory Traversal Vulnerability
2019-05-30 00:00:00
archlinux
archlinux
[ASA-201903-10] wordpress: directory traversal
2019-03-18 00:00:00
prion
prion
Path traversal
2019-02-20 03:29:00
Remote code execution
2019-02-20 03:29:00
cve
cve
CVE-2019-8943
2019-02-20 03:29:00
CVE-2019-8942
2019-02-20 03:29:00
nvd
nvd
CVE-2019-8943
2019-02-20 03:29:00
CVE-2019-8942
2019-02-20 03:29:00
veracode
veracode
Directory Traversal
2019-02-21 01:53:22
checkpoint_advisories
checkpoint_advisories
WordPress Core Directory Traversal (CVE-2019-8943)
2020-07-05 00:00:00
osv
osv
CVE-2019-8943
2019-02-20 03:29:00
CVE-2019-8942
2019-02-20 03:29:00
ubuntucve
ubuntucve
CVE-2019-8943
2019-02-20 00:00:00
CVE-2019-8942
2019-02-20 00:00:00
wpvulndb
wpvulndb
WordPress 3.7-5.0 (except 4.9.9) - Authenticated Code Execution
2019-02-19 00:00:00
packetstorm
packetstorm
WordPress 5.0.0 crop-image Shell Upload
2019-04-04 00:00:00
WordPress 5.0.0 Remote Code Execution
2021-02-01 00:00:00
attackerkb
attackerkb
Wordpress Post Meta Entry RCE
2019-02-20 00:00:00
cvelist
cvelist
CVE-2019-8942
2019-02-20 03:00:00
zdt
zdt
WordPress 5.0.0 crop-image Shell Upload Exploit
2019-04-05 00:00:00
WordPress Core 5.0 - Remote Code Execution Exploit
2019-03-08 00:00:00
githubexploit
githubexploit
Exploit for Unrestricted Upload of File with Dangerous Type in Wordpress
2021-05-05 16:23:03
Exploit for Path Traversal in Wordpress
2021-02-01 12:47:28

6.6 Medium

AI Score

Confidence

High

0.956 High

EPSS

Percentile

99.4%

JSON
Related for CVELIST:CVE-2019-8943
debiancve2openvas4nessus1archlinux1prion2cve2nvd2veracode1checkpoint_advisories1osv2ubuntucve2wpvulndb1packetstorm2attackerkb1cvelist1zdt2githubexploit2