Vulnerability CVE-2019-8942

Vulnerability CVE-2019-8942

Published: 2019-02-19 Modified: 2019-02-20

Description:

Type:

(Improper Control of Generation of Code ('Code Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.5/10	6.4/10	8/10

Affected software
Wordpress -> Wordpress
Debian -> Debian linux

http://packetstormsecurity.com/files/152396/WordPress-5.0.0-crop-image-Shell-Upload.html

http://www.rapid7.com/db/modules/exploit/multi/http/wp_crop_rce

http://www.securityfocus.com/bid/107088

https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/

https://lists.debian.org/debian-lts-announce/2019/03/msg00044.html

https://wpvulndb.com/vulnerabilities/9222

https://www.debian.org/security/2019/dsa-4401

https://www.exploit-db.com/exploits/46511/

https://www.exploit-db.com/exploits/46662/