Description
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Content Filter Unspecified Vulnerability (2.42)
Joomla! Core 4.2.0 Information Disclosure (4.2.0)
WordPress Plugin 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (4.41)
WordPress Plugin MPL-Publisher-Create your Ebook & Audiobook Cross-Site Scripting (1.29.1)