CVE-2017-14719
HIGHWordPress < 4.8.2 - Path Traversal via Unzip Operations
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2017-14719. PoCs published by PalmTreeForest.
AI-analyzed exploit summary This repository contains a detailed writeup and documentation of vulnerabilities affecting older versions of WordPress, including CVE-2017-14719 (path traversal), CVE-2019-9787 (authenticated XSS), and an unauthenticated REST API content modification vulnerability. It includes steps to recreate the vulnerabilities, affected source code references, and screenshots.
Description
Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.
Exploits (1)
This repository contains a detailed writeup and documentation of vulnerabilities affecting older versions of WordPress, including CVE-2017-14719 (path traversal), CVE-2019-9787 (authenticated XSS), and an unauthenticated REST API content modification vulnerability. It includes steps to recreate the vulnerabilities, affected source code references, and screenshots.
References (6)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N