WP core – Unauthenticated Blind SSRF (Server Side Request Forgery)


  • This topic has 0 replies, 1 voice, and was last updated 4 weeks ago by chandru007.
      chandru007
      Participant

        This vulnerability has not yet been fixed by the vendor side. This can be mitigated by WP Toolkit.

        Temporary solution:
        1. Block access to xmlrpc.php
        2. Turn off pingbacks

        A pingback is a comment type generated when you link to another blog post that has pingbacks enabled.

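One way to carry out step 2 ("Turn off pingbacks") in code, as an added example that is not part of the original post and is not WordPress's own code: a small must-use plugin built on the WordPress filters `xmlrpc_methods`, `wp_headers` and `pings_open`. The file name and location in the header comment are assumptions; step 1 (blocking `xmlrpc.php`) is done separately in the web server configuration.

```php
<?php
/**
 * Plugin Name: Disable pingbacks (added example)
 * Description: Illustrative must-use plugin. Assumed location:
 *              wp-content/mu-plugins/disable-pingbacks.php
 */

// Remove the pingback handlers from the XML-RPC method table, so a
// pingback.ping call is rejected as an unknown method instead of making
// WordPress fetch the source URL supplied by the caller.
add_filter( 'xmlrpc_methods', function ( $methods ) {
    unset( $methods['pingback.ping'] );
    unset( $methods['pingback.extensions.getPingbacks'] );
    return $methods;
} );

// Stop advertising the pingback endpoint in the X-Pingback response header.
add_filter( 'wp_headers', function ( $headers ) {
    unset( $headers['X-Pingback'] );
    return $headers;
} );

// Report pings as closed for every post, including posts that were
// published while pingbacks were still enabled in the discussion settings.
add_filter( 'pings_open', '__return_false', 20, 2 );

// Caveat: the 'xmlrpc_enabled' filter only switches off XML-RPC methods
// that require authentication. Pingbacks are unauthenticated, so that
// filter alone does not cover them; the method table has to be edited
// as above, or xmlrpc.php blocked at the web server.
```

After deploying, an XML-RPC `system.listMethods` call against your own site should no longer list `pingback.ping`.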