Description
A reverse proxy uses the values of an HTTP request to route the request. Due to the proxy's insecure configuration, it leads to SSRF vulnerability. SSRF as in Server Side Request Forgery is a vulnerability that allows an attacker to force a server into sending requests to arbitrary hosts, including cloud metadata endpoints.
Remediation
Restrict the reverse proxy to route to arbitrary hosts
References
Related Vulnerabilities
WordPress Plugin Advanced Woo Search Information Disclosure (1.99)
WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Server-Side Request Forgery (1.6.5)
VMware vRealize Operations Server Side Request Forgery (SSRF) vulnerability
WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure (1.2.1)