[wp-trac] [WordPress Trac] #60145: WordPress <= 6.4.2 is vulnerable to Server Side Request Forgery (SSRF)

WordPress Trac noreply at wordpress.org
Thu May 30 09:54:50 UTC 2024


#60145: WordPress <= 6.4.2 is vulnerable to Server Side Request Forgery (SSRF)
--------------------------+------------------------------
 Reporter:  fahimmurshed  |       Owner:  (none)
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  XML-RPC       |     Version:  6.4.2
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:
--------------------------+------------------------------

Comment (by markhowellsmead):

 This has apparently been a problem since 2022 and remains unadressed. See
 also
 https://patchstack.com/database/vulnerability/wordpress/wordpress-6-1-1
 -unauth-blind-ssrf-vulnerability

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/60145#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list