Sergey Biryukov

3 exploits Active since Mar 2019
CVE-2019-9787 WRITEUP HIGH WRITEUP
WordPress < 5.1.1 - Unauthenticated Remote Code Execution via CSRF and XSS in Comment Handling
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
CVSS 8.8
CVE-2019-16220 WRITEUP MEDIUM WRITEUP
WordPress < 5.2.3 - Open Redirect via wp_validate_redirect URL Path
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.
CVSS 6.1
CVE-2019-17670 WRITEUP CRITICAL WRITEUP
WordPress < 5.2.4 - Server-Side Request Forgery via Windows Path Validation Bypass
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
CVSS 9.8