Server-Side Request Forgery (SSRF)

2017-07-2800:24:52

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.013 Low

EPSS

Percentile

86.0%

JSON

WordPress is vulnerable to server-side request forgery (SSRF) attacks. The attacks exist because it bypasses the validation of GET request by using URL http://xxx.xxx.xxx.xxx/wp-admin/press-this.php?u=URL_TO_SCRAPE&url-scan-submit;=Scan which has a zero value in the first octet of an IPv4 address in the URI parameter to wp-admin/press-this.php.

CPENameOperatorVersion
johnpbloch/wordpress-corele4.4.1
johnpbloch/wordpress-corele4.0.9
johnpbloch/wordpress-corele4.2.6
johnpbloch/wordpress-corele3.8.12
johnpbloch/wordpress-corele3.7.12
johnpbloch/wordpress-corele4.3.2
johnpbloch/wordpress-corele4.1.9
johnpbloch/wordpress-corele3.9.10
medreleaf/wordpressle4.4.1
medreleaf/wordpressle4.0.9

Name	Operator	Version
johnpbloch/wordpress-core	le	4.4.1
johnpbloch/wordpress-core	le	4.0.9
johnpbloch/wordpress-core	le	4.2.6
johnpbloch/wordpress-core	le	3.8.12
johnpbloch/wordpress-core	le	3.7.12
johnpbloch/wordpress-core	le	4.3.2
johnpbloch/wordpress-core	le	4.1.9
johnpbloch/wordpress-core	le	3.9.10
medreleaf/wordpress	le	4.4.1
medreleaf/wordpress	le	4.0.9