WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-17T12:03:42
Updated: 2024-08-05T01:47:13.529Z
Reserved: 2019-10-17T00:00:00
Link: CVE-2019-17673
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-10-17T13:15:11.077
Modified: 2022-03-31T17:51:54.450
Link: CVE-2019-17673
Redhat
No data.