WordPress 1.5.1 - 3.5 XMLRPC Pingback API Internal/External Port Scanning

Affects WordPresses

fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1
fixed in version 3.5.1

References

CVE 2013-0235
URL https://github.com/FireFart/WordpressPingbackPortScanner

Classification

Type SSRF
OWASP Top 10 A1: Injection
CWE CWE-918

Miscellaneous

Views 7233
Verified Yes
WPVDB ID 5988

Timeline

Publicly Published 2014-08-01 (about 5 years ago)
Added 2014-08-01 (about 5 years ago)
Last Updated 2018-08-29 (about 1 year ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin