Threat Post

WordPress Update Fixes SSRF, Open Redirect Vulnerability

WordPress’ latest version, 4.4.2, fixes a handful of bugs and vulnerabilities in the content management system. Developers at WordPress are encouraging users to upgrade to the latest version, 4.4.2, ...
Searchenginejournal.com

HubSpot WordPress Plugin Vulnerability

WPScan and the United States Government National Vulnerability Database published a notice of a vulnerability discovered in the HubSpot WordPress plugin. The vulnerability exposes users of the plugin ...
Threat Post

SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts

Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds. A server-side ...
CSOonline

SSRF attacks explained and how to defend against them

Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. The name itself implies that a request that should have otherwise been made ...
Dark Reading

Microsoft Patches 4 SSRF Flaws in Separate Azure Cloud Services

Microsoft has fixed vulnerabilities in four separate services of its Azure cloud platform, two of which could have allowed attackers to perform a server-side request forgery (SSRF) attack — and thus ...