Intrusion Prevention

WordPress.Comment.Content.Filter.Remote.Code.Execution

Description

This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in WordPress Project WordPress.
A remote, unauthenticated attacker could exploit this vulnerability by enticing an authenticated user to open a web page or link. Successful exploitation, in the worst case, could lead to execution of arbitrary PHP code.

Affected Products

WordPress Project WordPress prior to 5.1.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/

CVE References

CVE-2019-9787