AVG-910 log

Package wordpress
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 5.0.0-1
Fixed 5.0.1-1
Current 5.3-1 [community]
Ticket None
Created Thu Feb 21 12:35:40 2019
Issue Severity Remote Type Description
CVE-2019-8942 Critical Yes Arbitrary code execution
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string,...