SSRF Vulnerability in BulletProof Security Plugin for WordPress

SSRF Vulnerability in BulletProof Security Plugin for WordPress

CVE-2014-8749 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter.

Learn more about our Wordpress Pen Testing.