CVE-2013-0235

Priority
Description
The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send
HTTP requests to intranet servers, and conduct port-scanning attacks, by
specifying a crafted source URL for a pingback, related to a Server-Side
Request Forgery (SSRF) issue.
Notes
Package
Upstream:released (3.5.1+dfsg-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [3.5.1+dfsg-2])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (3.5.1+dfsg-2)
More Information

Updated: 2020-01-29 19:45:48 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)