Vulnerable to Server Side Request Forgery (SSRF)

  • Resolved Ken Sim

    (@kwsim539)


    1 year, 6 months ago

    On 8-29-2023 Mika discovered and reported this Server Side Request Forgery (SSRF) vulnerability in WordPress PowerPress Podcasting Plugin. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information of other services running on the system. This vulnerability has not been known to be fixed yet.

    Any idea when this will get patched before the 40,000 installs start getting attacked?

    The page I need help with: [log in to see the link]

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Support Shawn

    (@shawnogordo)

    The Blubrry dev team is aware of this issue and will be releasing a patch soon to fix it. There’s no exact ETA yet for the release.

    Thread Starter Ken Sim

    (@kwsim539)

    Thanks for the update. But I wouldn’t in good conscience mark this ticket as resolved until the fix to this serious security issue is released.

    Plugin Support Shawn

    (@shawnogordo)

    This is what they’ve determined so far:

    • A user needs to have contributor-level or higher access to your website in order to even attempt to do something related to the issue.
    • This means that it would only affect your website if you (or someone with a login + contributor access to your website) creates a post and intentionally enters a bad podcast media url in the episode box. Even then, risk of exposure is low due to pre-existing checks.  However, we will put out a patch in the next release of PowerPress to tighten the checks further.
    Plugin Support Mike Dell

    (@benzoid)

    We are aware and will have a new version of PowerPress out this week (Tuesday or Wednesday)

    Thread Starter Ken Sim

    (@kwsim539)

    @benzoid OK, now that you have released the update, I can no longer verify my file URL from my CDN in the post’s Media URL field. I am receiving this error, “Unknown error occurred while checking Media URL.” Also, this is affecting all of my previous posts, screenshot below.

    This does not seem to be affecting the frontend player of the post. Nor is it affecting the podcast feed.

    https://u.pcloud.link/publink/show?code=XZvUM3VZgprj5UhS2BktnptsatlNNSz6yrOk

    Plugin Support Dave Clements

    (@daveclements)

    Ken,

    I don’t believe that this is related to the vulnerability issue, but we’ll look into it.

    Thread Starter Ken Sim

    (@kwsim539)

    @daveclements you would be correct in your statement. But this is a direct result of your attempt to fix the vulnerability issue.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Vulnerable to Server Side Request Forgery (SSRF)’ is closed to new replies.