I am getting error WP <= 6.2 – Unauthenticated Blind SSRF via DNS Rebinding

  • Resolved malikkhakh

    (@malikkhakh)


    1 year, 10 months ago

    I am getting this critical error in WordPress Admin Panel. A screenshot is attached.

    All threats

    WordPress (6.2)

    WP <= 6.2 – Unauthenticated Blind SSRF via DNS Rebinding

    What is the problem?

    WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden. See more technical details of this threat

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘I am getting error WP <= 6.2 – Unauthenticated Blind SSRF via DNS Rebinding’ is closed to new replies.