Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-h9g4-hjrv-3hqw

Опубликовано: 05 мая 2022
Источник: github
Github: Не прошло ревью

Описание

The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue.

The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue.

EPSS

Процентиль: 98%
0.65276
Средний

Связанные уязвимости

ubuntu
около 12 лет назад

The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue.

nvd
около 12 лет назад

The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue.

debian
около 12 лет назад

The XMLRPC API in WordPress before 3.5.1 allows remote attackers to se ...

EPSS

Процентиль: 98%
0.65276
Средний