Description
The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery (SSRF) issue, a similar vulnerability to CVE-2013-0235.
Remediation
References
Related Vulnerabilities
MySQL CVE-2015-0432 Vulnerability (CVE-2015-0432)
Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018)
WordPress Plugin Invite Anyone Multiple Vulnerabilities (1.3.15)
WordPress Plugin wp-mpdf Cross-Site Request Forgery (3.5.1)
Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2003-0230)