Vulnerabilities > CVE-2014-9292 - Remote Security vulnerability in Jrss Widget
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE network
jrss-widget-project
Summary
Server-side request forgery (SSRF) vulnerability in proxy.php in the jRSS Widget plugin 1.2 and earlier for WordPress allows remote attackers to trigger outbound requests and enumerate open ports via the url parameter. <a href="http://cwe.mitre.org/data/definitions/918.html">CWE-918: Server-Side Request Forgery (SSRF)</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |