Description
WordPress Plugin Print My Blog-Print, PDF, & eBook Converter is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin Print My Blog-Print, PDF, & eBook Converter version 1.6.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.6.6 or latest
References
http://dumpco.re/bugs/wp-plugin-print-my-blog-ssrf
https://plugins.svn.wordpress.org/print-my-blog/trunk/readme.txt
Related Vulnerabilities
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4041)
Tornado Improper Input Validation Vulnerability (CVE-2012-2374)
MySQL CVE-2016-0644 Vulnerability (CVE-2016-0644)
WordPress Plugin Integrator 'redirect_to' Parameter Cross-Site Scripting (1.32)
WordPress Plugin FooBox Image Lightbox Security Bypass (2.6.3)