CVE-2022-3590

MEDIUM severity · CVSS 5.9 · CWE-367

5.9CVSS MEDIUM

Summary

WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.

Impact & exploitability

Attack vectorNetwork

Attack complexityHigh

Privileges requiredNone

User interactionNone

Confidentiality impactHigh

Integrity impactNone

Availability impactNone

Exploit probability (EPSS)90%

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products we track (1)

WordPress

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Additional information

NVD record
https://wpscan.com/vulnerability/c8814e6e-78b3-4f63-a1d3-6906a84c1f11Advisory
https://wpscan.com/vulnerability/c8814e6e-78b3-4f63-a1d3-6906a84c1f11Advisory
https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/Advisory
https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/Advisory