Lucene search
WPScanCVELIST:CVE-2022-2912HistorySep 16, 2022 - 8:40 a.m.
CVE-2022-2912 Craw Data <= 1.0.0 - Server Side Request Forgery
2022-09-1608:40:38
CWE-918
WPScan
www.cve.org
3
wordpress
plugin
nonce checks
attackers
admin
url value
unwanted crawls
third-party sites
ssrf
cve-2022-2912
The Craw Data WordPress plugin through 1.0.0 does not implement nonce checks, which could allow attackers to make a logged in admin change the url value performing unwanted crawls on third-party sites (SSRF).
CNA Affected
[
{
"product": "Craw Data",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
]Related
prion
prion
Server side request forgery (ssrf)
2022-09-16 09:15:00
wpvulndb
wpvulndb
Craw Data <= 1.0.0 - Server Side Request Forgery
2022-08-19 00:00:00
wpexploit
wpexploit
Craw Data <= 1.0.0 - Server Side Request Forgery
2022-08-19 00:00:00
nvd
nvd
CVE-2022-2912
2022-09-16 09:15:11
cve
cve
CVE-2022-2912
2022-09-16 09:15:11