Unrated severityNVD Advisory· Published Dec 1, 2014· Updated Jun 17, 2026
CVE-2014-8749
CVE-2014-8749
Description
Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:ait-pro:bulletproof_security:*:*:*:*:*:wordpress:*:*Range: <=.51
- Range: <.51.1
Patches
Vulnerability mechanics
References
2- wordpress.org/plugins/bulletproof-security/changelog/nvdPatchVendor Advisory
- seclists.org/fulldisclosure/2014/Nov/13nvd
News mentions
0No linked articles in our index yet.