CVE-2016-2222

The wp_http_validate_url function in wp-includes/http.php in WordPress before 4.4.2 allows remote attackers to conduct server-side request forgery (SSRF) attacks via a zero value in the first octet of an IPv4 address in the u parameter to wp-admin/press-this.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wordpress:wordpress:4.4.1:*:*:*:*:*:*:*

Information

Published : 2016-05-21 18:59

Updated : 2017-11-03 18:29


NVD link : CVE-2016-2222

Mitre link : CVE-2016-2222


JSON object : View

Advertisement

dedicated server usa

Products Affected

wordpress

  • wordpress