What to do about a blind SSRF vulnerability affecting WordPress Core

We have been hearing questions from WPScan clients about a long-standing vulnerability in WordPress core. It has been present in the software for some time; it only appeared in your results now because we recently added it to our threat database. The vulnerability itself is not new. There is currently no fix or patch available: the issue affects the current WordPress release, so updating WordPress will not resolve it.

The vulnerability will continue to appear in your scan results until the issue is patched in the WordPress software.

In most situations it is safe to ignore this particular vulnerability. A blind SSRF of this kind lets an unauthenticated attacker make your WordPress server issue requests on their behalf, so the practical risk depends on what that server can reach. Although the risk is low, if you are concerned about your site being specifically targeted, make sure your WordPress instance is isolated in a separate IP segment that has no access to other services on the internal network.

This information is quite technical, but you can check it out in a blog post by SonarSource if you’re interested to learn more.

That article also includes a code snippet you can add to your site via a functionality plugin such as Code Snippets, which removes the pingback.ping handler from the XML-RPC endpoint (xmlrpc.php). Again, this is optional, but if you are concerned about being explicitly targeted it is an additional step you can take to mitigate the vulnerability in the meantime.
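To show what such a mitigation looks like, here is an added example plugin written for this post; it is not the SonarSource snippet and not WordPress core code. It uses the standard `xmlrpc_methods` filter to drop `pingback.ping` from the method table and the `wp_headers` filter to stop advertising the pingback URL. The plugin name and file location are assumptions; the two filter hooks are real WordPress hooks.

```php
<?php
/**
 * Plugin Name: Disable XML-RPC pingback.ping
 * Description: Removes the pingback.ping handler from xmlrpc.php (example plugin written for this post, not the SonarSource snippet).
 *
 * Drop this file into wp-content/mu-plugins/ (assumed location), or paste the
 * two add_filter() calls, without the opening <?php line, into Code Snippets.
 */

// Remove the pingback.ping method from the XML-RPC method table.
// Requests for that method then receive the standard "method does not exist" fault.
add_filter( 'xmlrpc_methods', function ( array $methods ) {
    unset( $methods['pingback.ping'] );
    return $methods;
} );

// Stop sending the X-Pingback response header that points clients at xmlrpc.php.
// This is hygiene only; the method removal above is what closes the handler.
add_filter( 'wp_headers', function ( array $headers ) {
    unset( $headers['X-Pingback'] );
    return $headers;
} );
```

Two points worth checking after installing this. First, `add_filter( 'xmlrpc_enabled', '__return_false' )` is not an equivalent: that filter only rejects methods that require a login, and `pingback.ping` is unauthenticated, so it stays reachable. Second, verify the change from outside the server by posting `<methodCall><methodName>system.listMethods</methodName></methodCall>` to `/xmlrpc.php` with curl and confirming that `pingback.ping` no longer appears in the returned list.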

SonarSource: WordPress Core – Unauthenticated Blind SSRF (sonarsource.com)
