CVE-2019-19589
The CVE-2019-19589 affects the Lever PDF Embedder plugin for WordPress (v4.4). The vulnerability stems from the plugin not blocking polyglot PDF documents that are valid JAR archives during distribution, with the upload process controlled by WordPress core rather than the plugin itself. This mean...