CVE-2017-16870

EPSS 0.38% · P60 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-16870

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The UpdraftPlus plugin through 1.13.12 for WordPress has SSRF in the updraft_ajax_handler function in /wp-content/plugins/updraftplus/admin.php via an httpget subaction. NOTE: the vendor reports that this does not cross a privilege boundary

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

WordPress UpdraftPlus插件安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台，该平台支持在PHP和MySQL的服务器上架设个人博客网站。UpdraftPlus plugin是使用在其中的一个WordPress备份插件。 WordPress UpdraftPlus插件1.13.12及之前的版本中的/wp-content/plugins/updraftplus/admin.php文件的‘updraft_ajax_handler’函数存在服务器端请求伪造漏洞。目前尚无此漏洞的相关信息，请随时关注CNNVD

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-16870

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-16870

Please Login to view more intelligence information

Same Patch Batch · n/a · 2017-11-17 · 85 CVEs total

CVE-2017-16872		PJSIP Teluu pjproject 缓冲区错误漏洞
CVE-2017-1000168		sodiumoxide 安全漏洞
CVE-2017-16868		SWFTools 安全漏洞
CVE-2017-16869		UPX 安全漏洞
CVE-2017-1000229		OptiPNG 数字错误漏洞
CVE-2017-1000223		MODX Revolution CMS 跨站脚本漏洞
CVE-2017-1000164		Tine Addressbook 跨站脚本漏洞
CVE-2017-1000160		EllisLab ExpressionEngine 跨站脚本漏洞
CVE-2017-1000129		Serendipity blog组件SQL注入漏洞
CVE-2017-1000225		Relevanssi Premium 跨站脚本漏洞
CVE-2017-16871		WordPress UpdraftPlus插件竞争条件漏洞
CVE-2017-1000203		ROOT 安全漏洞
CVE-2017-1000206		samtools htslib library CRAM rANS codec 缓冲区错误漏洞
CVE-2017-1000211		Lynx HTML解析器安全漏洞
CVE-2017-1000212		alchemist.vim bundled alchemist-server 安全漏洞
CVE-2017-16875		PJSIP Teluu pjproject pjlib和pjlib-util 数字错误漏洞
CVE-2017-1000191		Jool 安全漏洞
CVE-2017-1000192		Cygnux sysPass 安全漏洞
CVE-2017-16819		Icon Time Systems RTC-1000 跨站脚本漏洞
CVE-2017-16877		ZEIT Next.js 路径遍历漏洞

Showing top 20 of 85 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-16870

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-16870

I. Basic Information for CVE-2017-16870

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-16870

III. Intelligence Information for CVE-2017-16870

Same Patch Batch · n/a · 2017-11-17 · 85 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-16870

Leave a comment