vulnerability

Wordpress: CVE-2016-4029: Improper Authorization

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
2016-08-07
Added
2017-05-16
Modified
2024-11-27

Description

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address.

Solution

wordpress-upgrade-4_5
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.