Lucene search
HistoryOct 03, 2022 - 4:20 p.m.
CVE-2014-9292
cve-2014-9292
ssrf
jrss widget
wordpress
vulnerability
proxy.php
nvd
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.4%
Server-side request forgery (SSRF) vulnerability in proxy.php in the jRSS Widget plugin 1.2 and earlier for WordPress allows remote attackers to trigger outbound requests and enumerate open ports via the url parameter.
Affected configurations
Node
jrss_widget_projectjrss_widgetRange≤1.2wordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| jrss_widget_project:jrss_widget | jrss widget project jrss widget | le | 1.2 |
Related
nvd
nvd
CVE-2014-9292
2014-12-05 22:59:00
wpvulndb
wpvulndb
Jrss Widget <= 1.2 - SSRF
2014-05-28 00:00:00
patchstack
patchstack
WordPress jRSS Widget Plugin <= 1.2 - SSRF
2014-12-05 00:00:00
prion
prion
Server side request forgery (ssrf)
2014-12-05 22:59:00
cvelist
cvelist
CVE-2014-9292
2022-10-03 16:20:40
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.4%
Related for CVE-2014-9292