[wp-trac] [WordPress Trac] #60145: WordPress <= 6.4.2 is vulnerable to Server Side Request Forgery (SSRF)
WordPress Trac
noreply at wordpress.org
Thu May 30 09:54:50 UTC 2024
#60145: WordPress <= 6.4.2 is vulnerable to Server Side Request Forgery (SSRF)
--------------------------+------------------------------
Reporter: fahimmurshed | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: XML-RPC | Version: 6.4.2
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by markhowellsmead):
This has apparently been a problem since 2022 and remains unadressed. See
also
https://patchstack.com/database/vulnerability/wordpress/wordpress-6-1-1
-unauth-blind-ssrf-vulnerability
--
Ticket URL: <https://core.trac.wordpress.org/ticket/60145#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list