Description
The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery (SSRF) issue, a similar vulnerability to CVE-2013-0235.
Remediation
References
Related Vulnerabilities
WordPress Plugin Accordion Shortcodes Cross-Site Scripting (2.4.2)
WordPress Plugin Easy Career Openings Cross-Site Scripting (0.4)
Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3737)
WordPress Plugin Image Gallery-Responsive Photo Gallery Cross-Site Scripting (2.0.5)
WordPress Plugin Smart Slider 2 Multiple Cross-Site Scripting Vulnerabilities (2.3.11)