Lucene search
WPScanCVELIST:CVE-2022-1977HistoryJun 27, 2022 - 8:59 a.m.
CVE-2022-1977 WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF
2022-06-2708:59:05
CWE-918
WPScan
www.cve.org
1
0.001 Low
EPSS
Percentile
38.3%
The Import Export All WordPress Images, Users & Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks
CNA Affected
[
{
"product": "Import Export All WordPress Images, Users & Post Types",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.5.3",
"status": "affected",
"version": "6.5.3",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress WP Ultimate CSV Importer跨站请求伪造漏洞
2022-06-30 00:00:00
nvd
nvd
CVE-2022-1977
2022-06-27 09:15:10
patchstack
patchstack
cve
cve
CVE-2022-1977
2022-06-27 09:15:10
wpvulndb
wpvulndb
WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF
2022-06-02 00:00:00
wpexploit
wpexploit
WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF
2022-06-02 00:00:00
prion
prion
Server side request forgery (ssrf)
2022-06-27 09:15:00