What is the solution for the vulnerability "WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding"?

asked 2022-08-18 11:00:00 +0000

lakamha
21 ●3 ●3

edit retag flag offensive close merge delete

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2021-07-02 07:00:00 +0000

djk
21 ●1 ●1

The solution for the vulnerability "WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding" is to upgrade to a version of WordPress higher than 5.1.1, as this vulnerability was fixed in version 5.1.2. If you are unable to upgrade immediately, you can patch the vulnerability by adding the following code to your wp-config.php file:

define('WPHTTPBLOCK_EXTERNAL', true);

This code will prevent WordPress from making any external HTTP requests, which will prevent the vulnerability from being exploited. However, this may break some plugins or features that rely on external HTTP requests, so it is recommended to only use this as a temporary solution until the WordPress version can be upgraded.

edit flag offensive delete link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss

Add Answer

Question Tools

Stats

Asked: 2022-08-18 11:00:00 +0000

Seen: 10 times

Last updated: Jul 02 '21

What is the solution for the vulnerability "WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding"? edit

1 Answer