Bypassing WAF in Misconfigured Wordpress

Web Application Firewalls like cloudflare are pretty good at protecting websites by tunneling the traffic through their secure servers. But if the underlying IP address is leaked, such protection is usually bypassed and the attacker can directly target the application. IP Disclosure in WordPress WordPress stores the site url and home url in the database and uses them to serve content or redirect users. But sometimes the website is required to migrate to another domain.
Read more →

Open Redirect in Flattr

Read more →