CVE-2019-16645

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2019-16645 is a vulnerability that affects the popular blogging platform, WordPress. This vulnerability allows an attacker with contributor-level access to execute arbitrary code on the target system, potentially leading to full compromise of the website. The flaw arises from a lack of proper validation of user input in the upload file functionality of certain plugins. The vulnerability was first discovered in October 2019 and was assigned CVE-2019-16645 by the Common Vulnerabilities and Exposures (CVE) database. Several popular plugins were found to be vulnerable, including the "Async JavaScript" plugin, which has over 100,000 active installations. The vulnerability was rated as critical due to its potential impact on the confidentiality, integrity, and availability of the affected systems. Several security researchers and organizations, such as Wordfence and National Vulnerability Database (NVD), released advisories warning users of the vulnerability and recommending immediate updates and patches. Plugin developers also released updates to address the flaw in their products. It is imperative for WordPress users to stay vigilant and keep all software up-to-date to avoid exploitation of this and other vulnerabilities.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2019-16645 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CISA
a year ago
Hitachi Energy MSM | CISA