EPSS
Percentile
84.3%
All WordPress versions from 2.7 to 4.7.4 suffers from insufficient redirect validation in the HTTP class that leads to SSRF (Server Side Request Forgery).
Update WordPress core to the latest possible version (at least 4.7.5).
github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11