CVE-2014-9038 in WordPress
요약 (영어)
wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
예약하다
2014. 11. 20.
공개
2014. 11. 25.
상태
확인됨
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 68565 | WordPress http.php 권한 상승 | 20 | 입증되지 않음 | 공식 수정 | CVE-2014-9038 |