Description
In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address (e.g., http://127.1) or a 30x (aka Redirection) HTTP status code.
Remediation
References
Related Vulnerabilities
WordPress Plugin PowerPack Pro for Elementor Privilege Escalation (2.10.14)
Oracle JRE CVE-2023-21937 Vulnerability (CVE-2023-21937)
WordPress Plugin G-Lock Double Opt-in Manager 'ajaxbackend.php' SQL Injection (2.6.2)
WordPress Plugin MailPoet-emails and newsletters in WordPress Cross-Site Scripting (3.23.1)