Overview

You may receive an email or error message within the Plesk WordPress Toolkit that your site has a vulnerability, even if it’s all up-to-date. The email looks like:

wordpress toolkit reports: unath blind ssrf vulnerability in wordpress 6.1.1

This specific vulnerability is a very low risk WordPress vulnerability and relies on other vulnerabilities to exploit.

Mitigation

While the vulnerability is extremely unlikely to occur on Conetix based hosting (we have mitigation for some of the methods used to exploit already), there are two steps you can take:

  1. Ensure all other WordPress plugins and themes are up-to-date. This vulnerability requires other vulnerabilities within your site in order to function. With everything up-to-date, these vulnerabilities are highly unlikely to exist.
  2. Block XMLRPC

Further Reading

Was this article helpful?

Related Articles