WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress HubSpot plugin prior to 8.8.15 are vulnerable to server-side request forgery, which stems from the plugin’s failure to validate the proxy URL provided to the proxy REST endpoint. An attacker with the edit_posts feature could exploit this vulnerability to perform server-side request forgery attacks.