Lucene search
PatchstackCVE-2024-25915HistoryFeb 23, 2024 - 12:15 p.m.
CVE-2024-25915
2024-02-2312:15:46
CWE-918
Patchstack
web.nvd.nist.gov
58
cve-2024-25915
ssrf
raaj trambadia
pexels
free stock photos
vulnerability
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
6.2
Confidence
High
EPSS
0
Percentile
9.0%
Server-Side Request Forgery (SSRF) vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2.
Affected configurations
Node
raaj_trambadiapexels\Match_free_stock_photoswordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| raaj_trambadia | pexels\ | _free_stock_photos | cpe:2.3:a:raaj_trambadia:pexels\:_free_stock_photos:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-pexels-free-stock-photos",
"product": "Pexels: Free Stock Photos",
"vendor": "Raaj Trambadia",
"versions": [
{
"lessThanOrEqual": "1.2.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
wpvulndb
wpvulndb
vulnrichment
vulnrichment
prion
prion
Server side request forgery (ssrf)
2024-02-23 12:15:00
nvd
nvd
CVE-2024-25915
2024-02-23 12:15:46
wordfence
wordfence
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
6.2
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-25915