Dark Reading
3 years, 6 months ago
Google WordPress Plug-in Bug Allows AWS Metadata Theft
A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands.