Описание
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| wordpress | fixed | 4.7.5+dfsg-1 | package | |
| wordpress | fixed | 4.1+dfsg-1+deb8u16 | jessie | package |
Примечания
https://wordpress.org/news/2017/05/wordpress-4-7-5/
https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
EPSS
Процентиль: 82%
0.0181
Низкий
Связанные уязвимости
CVSS3: 8.6
ubuntu
около 8 лет назад
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
CVSS3: 8.6
nvd
около 8 лет назад
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
CVSS3: 8.6
github
около 3 лет назад
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
EPSS
Процентиль: 82%
0.0181
Низкий