13 matches found
CVE-2013-0235
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wordpresspingbackaccess.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:12+00:00|...
WordPress < 3.5.1 Multiple Vulnerabilities
Binary data 9095.prm...
Fedora Update for wordpress FEDORA-2013-16895
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Server side request forgery (ssrf)
The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...
CVE-2013-0235
The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery SSRF issue...
CVE-2013-0235
CVE-2013-0235 affects WordPress via the XMLRPC API (WordPress prior to 3.5.1). The vulnerability allows a remote attacker to craft a pingback source URL to trigger SRRF-like behavior, enabling the attacker to make the targeted server issue HTTP requests to intranet/internal hosts and perform port...
CVE-2013-2199
The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...
Fedora Update for wordpress FEDORA-2013-11630
Check for the Version of wordpress OpenVAS Vulnerability Test Fedora Update for wordpress FEDORA-2013-11630 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for wordpress FEDORA-2013-11630
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for wordpress FEDORA-2013-1774
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for wordpress FEDORA-2013-1692
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
WordPress 'xmlrpc.php' pingback.ping Server-Side Request Forgery
The WordPress install hosted on the remote web server is affected by a server-side request forgery vulnerability because the 'pingback.ping' method used in 'xmlrpc.php' fails to properly validate source URIs Uniform Resource Identifiers. A remote, unauthenticated attacker can exploit this issue t...
Wordpress Pingback Locator
This module will scan for wordpress sites with the Pingback API enabled. By interfacing with the API an attacker can cause the wordpress site to port scan an external target and return results. Refer to the wordpresspingbackportscanner module. This issue was fixed in wordpress 3.5.1 This module...