CVE-2019-17670

Risk Scores

Affected Products

Exploit Intelligence

• Version problem in wordpress leads to the many vulnearability (hackerone)
• Version problem in wordpress leads to the many vulnearability (hackerone)
• Version problem in wordpress leads to the many vulnearability (hackerone)
• https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html (circl)
• https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ (circl)
• https://core.trac.wordpress.org/changeset/46472 (circl)
• https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2 (circl)
• https://wpvulndb.com/vulnerabilities/9912 (circl)
• [debian-lts-announce] 20191105 [SECURITY] [DLA 1980-1] wordpress security update (circl)
• [debian-lts-announce] 20200911 [SECURITY] [DLA 2371-1] wordpress security update (circl)

…and 1 more exploits

Timeline

• CVE Published
• Jan 10, 2020 PoC Published
• Apr 14, 2021 EPSS Score
• Jan 6, 2022 EPSS Score
• Apr 1, 2022 EPSS Score
• Mar 7, 2023 EPSS Score
• Mar 23, 2025 EPSS Score
• Mar 24, 2025 EPSS Score
• Mar 29, 2025 EPSS Score
• May 1, 2025 EPSS Score
• May 4, 2025 EPSS Score
• Jun 1, 2025 EPSS Score

References

• https://ubuntu.com/security/CVE-2019-17670 third-party-advisory
• https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html third-party-advisory
• https://core.trac.wordpress.org/changeset/46472 third-party-advisory
• https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2 third-party-advisory
• https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ third-party-advisory
• https://wpvulndb.com/vulnerabilities/9912 third-party-advisory
• https://www.cve.org/CVERecord?id=CVE-2019-17670 third-party-advisory