Make WordPress Core

Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#58245 closed defect (bug) (duplicate)

Request to prioritize WP <= 6.2 - Unauthenticated Blind SSRF via DNS Rebinding

Reported by: jfaguilarsaatchi
Owned by:
Milestone:
Priority: normal
Severity: normal
Version:
Component: XML-RPC
Keywords:
Focuses:
Cc:

Description

Here's a revised version of the request with some improvements:

Dear Support Team,

We've been using Jetpack Protect WPScan and have encountered an issue related to the vulnerability known as "WP <= 6.2 - Unauthenticated Blind SSRF via DNS Rebinding". We're writing to request your assistance in resolving this issue.

We have made some attempts to neutralize the vulnerability on our end, including blocking XML-RPC from the CDN, functions.php, and using a plugin specifically designed for this purpose. Additionally, we have turned off Pingbacks and Trackbacks. However, despite these efforts, we have not been able to achieve a "Passing Grade" using the Jetpack Protect Plugin.

This is a known security issue, so I am not reporting it; I'm asking if a future WP release could provide a solution, as it is a source of preoccupation in the department.

We hope that you will consider this issue in your next release, as it is a point of concern for our users. We appreciate your attention to this matter and look forward to hearing back from you soon.

Best regards,
Juan

Change History (2)

#1 @samiamnot
2 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #57363.

#2 @johnbillion
2 years ago

  • Milestone Awaiting Review deleted