Description
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-14643 Vulnerability (CVE-2020-14643)
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (8.9)
WordPress Plugin Media File Manager Advanced Multiple Vulnerabilities (1.1.5)
Internet Information Services Other Vulnerability (CVE-2000-0246)
WordPress Plugin Easy Cookies Policy Cross-Site Scripting (1.6.2)