EPSS
Percentile
74.2%
The fix sends the “Vary: Origin” response header for GET requests from unauthenticated users.
blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de
wordpress.org/news/2019/10/wordpress-5-2-4-security-release/