Skip to content

Access Control: Wordpress Oembed Proxy - Server-side request forgery

Identifier: wordpress_ssrf_oembed

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

The oEmbed feature in WordPress allows embedding content from external sources, and if it's not properly secured, it could be exploited for SSRF.

Reference:

Configuration

Example

Example configuration:

---
security_tests:
  wordpress_ssrf_oembed:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.