Lucene search
China National Vulnerability DatabaseCNVD-2022-88249HistorySep 28, 2022 - 12:00 a.m.
WordPress Post SMTP Mailer/Email Log server request forgery vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
wordpress
php
mailer/email log
server request forgery
vulnerability
authorization
ajax operations
attackers
exploitation
0.001 Low
EPSS
Percentile
43.1%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. WordPress Post SMTP Mailer/Email Log version 2.1.7 previously had a server request forgery vulnerability, which stems from the lack of proper authorization in certain AJAX operations and can be exploited by attackers to launch server request forgery attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress post smtp mailer/email log | lt | 2.1.7 |
Related
cvelist
cvelist
CVE-2022-2352 Post SMTP < 2.1.7 - Admin+ Blind SSRF
2022-09-26 12:35:32
patchstack
patchstack
wpvulndb
wpvulndb
Post SMTP < 2.1.7 - Admin+ Blind SSRF
2022-09-05 00:00:00
openvas
openvas
WordPress Post SMTP Mailer/Email Log Plugin < 2.1.7 SSRF Vulnerability
2022-10-04 00:00:00
prion
prion
Server side request forgery (ssrf)
2022-09-26 13:15:00
nvd
nvd
CVE-2022-2352
2022-09-26 13:15:10
cve
cve
CVE-2022-2352
2022-09-26 13:15:10
wpexploit
wpexploit
Post SMTP < 2.1.7 - Admin+ Blind SSRF
2022-09-05 00:00:00