Lucene search
Ronni SkansingPATCHSTACK:591386E18719D4FB5669894D73692FADHistoryMay 17, 2017 - 12:00 a.m.
WordPress <=4.7.4 - Insufficient Redirect Validation vulnerability
2017-05-1700:00:00
Ronni Skansing
patchstack.com
17
EPSS
0.011
Percentile
84.3%
All WordPress versions from 2.7 to 4.7.4 suffers from insufficient redirect validation in the HTTP class that leads to SSRF (Server Side Request Forgery).
Solution
Update WordPress core to the latest possible version (at least 4.7.5).
Related
debian
debian
[SECURITY] [DLA 1075-1] wordpress security update
2017-08-29 18:08:41
[SECURITY] [DSA 4090-1] wordpress security update
2018-01-17 13:40:59
[SECURITY] [DSA 4090-1] wordpress security update
2018-01-17 13:40:59
osv
osv
wordpress - security update
2017-08-29 00:00:00
CVE-2017-9066
2017-05-18 14:29:00
cve
cve
CVE-2017-9066
2017-05-18 14:29:00
prion
prion
Input validation
2017-05-18 14:29:00
openvas
openvas
Debian: Security Advisory (DLA-1075-1)
2018-02-06 00:00:00
WordPress < 4.7.5 Multiple Security Vulnerabilities - Linux
2017-05-22 00:00:00
WordPress < 4.7.5 Multiple Security Vulnerabilities - Windows
2017-05-22 00:00:00
nessus
nessus
Debian DLA-1075-1 : wordpress security update
2017-08-30 00:00:00
WordPress < 4.7.5 Multiple Vulnerabilities
2017-05-23 00:00:00
WordPress 4.0.x < 4.0.18 Multiple Vulnerabilities
2018-11-05 00:00:00
cvelist
cvelist
CVE-2017-9066
2017-05-18 14:00:00
nvd
nvd
CVE-2017-9066
2017-05-18 14:29:00
wpvulndb
wpvulndb
WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
2017-05-16 00:00:00
ubuntucve
ubuntucve
CVE-2017-9066
2017-05-18 00:00:00
debiancve
debiancve
CVE-2017-9066
2017-05-18 14:29:00