| Max CVSS | 5.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-2222 | 5.0 |
The wp_http_validate_url function in wp-includes/http.php in WordPress before 4.4.2 allows remote attackers to conduct server-side request forgery (SSRF) attacks via a zero value in the first octet of an IPv4 address in the u parameter to wp-admin/pr
|
04-11-2017 - 01:29 | 22-05-2016 - 01:59 | |
| CVE-2016-2221 | 5.8 |
Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers in
|
04-11-2017 - 01:29 | 22-05-2016 - 01:59 |