CVE-2019-8943 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-8943 PUBLISHED

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.

EPSS 93.89% · 99.9th percentile

Risk Scores

EPSS Score

93.89%

99.9th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:18.04:LTS	wordpress	4.9.1+dfsg-1, 4.9.2+dfsg-1, 4.9.4+dfsg-1
Ubuntu:24.04:LTS	wordpress	0, 6.4.3+dfsg1-1ubuntu1, 6.2+dfsg1-1ubuntu1
Ubuntu:16.04:LTS	wordpress	4.3.1+dfsg-1, 4.4.1+dfsg-1, 4.4.2+dfsg-1
Ubuntu:20.04:LTS	wordpress	5.2.2+dfsg1-1, 0, 5.2.4+dfsg1-1
Ubuntu:22.04:LTS	wordpress	5.8.2+dfsg1-1ubuntu1, 5.8.3+dfsg1-1ubuntu1, 5.8.3+dfsg1-1ubuntu1.1
Ubuntu:25.10	wordpress	0, 6.7.2+dfsg1-1.1ubuntu1

Timeline

Feb 20, 2019 CVE Published
Mar 1, 2019 PoC Published
Mar 1, 2019 PoC Published
Mar 8, 2019 PoC Published
Apr 4, 2019 PoC Published
Apr 5, 2019 PoC Published
Apr 5, 2019 PoC Published
Apr 14, 2021 EPSS Score
May 31, 2021 PoC Published
Aug 23, 2021 EPSS Score
Sep 16, 2021 EPSS Score
Dec 25, 2021 EPSS Score

References

https://ubuntu.com/security/CVE-2019-8943 third-party-advisory
https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/ third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2019-8943 third-party-advisory

Open in Interactive Console →