CVE-2019-17670: WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulner ...

Severity: Critical

CVSS Score: 9.8

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.