Lucene search
Ronni SkansingPATCHSTACK:591386E18719D4FB5669894D73692FADHistoryMay 17, 2017 - 12:00 a.m.
WordPress <=4.7.4 - Insufficient Redirect Validation vulnerability
2017-05-1700:00:00
Ronni Skansing
patchstack.com
14
0.011 Low
EPSS
Percentile
84.4%
All WordPress versions from 2.7 to 4.7.4 suffers from insufficient redirect validation in the HTTP class that leads to SSRF (Server Side Request Forgery).
Solution
Update WordPress core to the latest possible version (at least 4.7.5).
Related
cve
cve
CVE-2017-9066
2017-05-18 14:29:00
osv
osv
wordpress - security update
2017-08-29 00:00:00
CVE-2017-9066
2017-05-18 14:29:00
debian
debian
[SECURITY] [DLA 1075-1] wordpress security update
2017-08-29 18:08:41
[SECURITY] [DSA 4090-1] wordpress security update
2018-01-17 13:40:59
[SECURITY] [DSA 4090-1] wordpress security update
2018-01-17 13:40:59
wpvulndb
wpvulndb
WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
2017-05-16 00:00:00
prion
prion
Input validation
2017-05-18 14:29:00
nessus
nessus
Debian DLA-1075-1 : wordpress security update
2017-08-30 00:00:00
WordPress < 4.7.5 Multiple Vulnerabilities
2017-05-23 00:00:00
WordPress 3.9.x < 3.9.19 Multiple Vulnerabilities
2018-11-05 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1075-1)
2018-02-06 00:00:00
WordPress < 4.7.5 Multiple Security Vulnerabilities - Linux
2017-05-22 00:00:00
WordPress < 4.7.5 Multiple Security Vulnerabilities - Windows
2017-05-22 00:00:00
cvelist
cvelist
CVE-2017-9066
2017-05-18 14:00:00
nvd
nvd
CVE-2017-9066
2017-05-18 14:29:00
ubuntucve
ubuntucve
CVE-2017-9066
2017-05-18 00:00:00
debiancve
debiancve
CVE-2017-9066
2017-05-18 14:29:00