CVE Vulnerabilities

CVE-2014-9292

Published: Dec 05, 2014 | Modified: Dec 08, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Server-side request forgery (SSRF) vulnerability in proxy.php in the jRSS Widget plugin 1.2 and earlier for WordPress allows remote attackers to trigger outbound requests and enumerate open ports via the url parameter.

Affected Software

Name Vendor Start Version End Version
Jrss_widget Jrss_widget_project * 1.2 (including)

References