Lucene search
PatchstackCVELIST:CVE-2022-40312HistoryDec 18, 2023 - 3:08 p.m.
CVE-2022-40312 WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Server Side Request Forgery (SSRF)
2023-12-1815:08:55
CWE-918
Patchstack
www.cve.org
3
wordpress
givewp
plugin
ssrf
vulnerable
CVSS3
5.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
18.1%
Server-Side Request Forgery (SSRF) vulnerability in GiveWP GiveWP – Donation Plugin and Fundraising Platform.This issue affects GiveWP – Donation Plugin and Fundraising Platform: from n/a through 2.25.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "give",
"product": "GiveWP – Donation Plugin and Fundraising Platform",
"vendor": "GiveWP",
"versions": [
{
"changes": [
{
"at": "2.25.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.25.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-40312
2023-12-18 15:15:08
cve
cve
CVE-2022-40312
2023-12-18 15:15:08
wpvulndb
wpvulndb
GiveWP < 2.25.2 - Admin+ Server-Side Request Forgery
2023-03-08 00:00:00
openvas
openvas
WordPress GiveWP WordPress Plugin < 2.25.2 SSRF Vulnerability
2023-12-19 00:00:00
prion
prion
Server side request forgery (ssrf)
2023-12-18 15:15:00
wordfence
wordfence
CVSS3
5.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
EPSS
0.001
Percentile
18.1%
Related for CVELIST:CVE-2022-40312