Lucene search
WpvulndbWPEX-ID:C8814E6E-78B3-4F63-A1D3-6906A84C1F11HistoryDec 13, 2022 - 12:00 a.m.
WP <= 6.2 - Unauthenticated Blind SSRF via DNS Rebinding
2022-12-1300:00:00
wpvulndb
2344
ssrf
unauthenticated
wordpress
EPSS
0.001
Percentile
50.7%
WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.
https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/Related
wpvulndb
wpvulndb
WP <= 6.2 - Unauthenticated Blind SSRF via DNS Rebinding
2022-12-13 00:00:00
ubuntucve
ubuntucve
CVE-2022-3590
2022-12-14 00:00:00
osv
osv
CVE-2022-3590
2022-12-14 09:15:09
BIT-wordpress-2022-3590
2024-03-06 11:09:54
BIT-wordpress-multisite-2022-3590
2024-03-06 11:09:38
openvas
openvas
WordPress <= 6.4.1 SSRF Vulnerability
2022-12-15 00:00:00
nvd
nvd
CVE-2022-3590
2022-12-14 09:15:09
cvelist
cvelist
CVE-2022-3590 WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding
2022-12-14 08:33:40
prion
prion
Race condition
2022-12-14 09:15:00
debiancve
debiancve
CVE-2022-3590
2022-12-14 09:15:09
cve
cve
CVE-2022-3590
2022-12-14 09:15:09
githubexploit
githubexploit
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Wordpress
2024-08-08 03:02:05
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Wordpress
2023-06-12 13:06:54