SSRF and Privilege escalation vulnerability in WordPress
I have just received the email below. What does it mean? What should I do about it?
(And yes I know - I will contact customer support as it suggests too, just thought some advice on this could be useful here)
Dear Account Administrator,
We have detected software vulnerabilities in PHP scripts on your hosting package. To prevent system abuse resulting from exploitation of these vulnerabilities, these should be addressed as quickly as possible. This concerns the following vulnerabilities:
SSRF vulnerability in WordPress
Privilege escalation vulnerability in WordPress
Vulnerabilities such as these can allow third parties to access your hosting package and abuse this through e.g. uploading malware for various purposes. We strongly recommend you check the entire hosting package for other files that appear out of place, which our detection system might have missed.
If you have any questions arising from this message, please contact our customer support department.