Intrusion Prevention

WordPress.wp_crop_image.Path.Traversal

Description

This indicates an attack attempt to exploit a Directory Traversal vulnerability in WordPress.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. Successful attacks may allow a remote attackers to use a specially crafted request with directory-traversal sequences to retrieve sensitive information.

Affected Products

WordPress 5.0.3 and prior versions.

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply patch if available from the vendor's website.
https://en-ca.wordpress.org/download/

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2019-04-03	14.585	Modified	Default_action:pass:drop
2019-03-15	14.575	New

ID	47600
Created	Mar 15, 2019
Updated	Apr 02, 2019
CVE ID
Risk
Exploit Prediction Score	93.89%
Default Action	drop
Active
Affected OS	Windows, Linux, BSD, Solaris, MacOS
Affected App	PHP_app
Profile Type	Path Traversal

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

WordPress.wp_crop_image.Path.Traversal

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

WordPress.wp_crop_image.Path.Traversal

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center