CVE-2022-3590
WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS RebindingWordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.
We have discovered 3,568,724 live websites that are affected by CVE-2022-3590.
Contact us to get more info
Common Weakness Enumeration
CWE-918 Server-Side Request Forgery (SSRF)
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2022-3590 and the relative popularity of websites