Security Advisory
CVE-2019-17670
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.