WordPress Plugin jRSS Widget Server-Side Request Forgery - CVE-2014-9292
WordPress Plugin jRSS Widget is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks other attacks are also possible. WordPress Plugin jRSS Widget version 1.2 is vulnerable prior versions may also be affected.