CVE-2023-38515 WordPress Church Admin Plugin <= 3.7.56 is vulnerable to Server Side Request Forgery (SSRF)

🗓️ 13 Nov 2023 02:32:33Reported by PatchstackType

WordPress Church Admin Plugin 3.7.56 SSRF vulnerabilit

Reporter	Title	Published	Views	Family All 12
CNNVD	WordPress Plugin Church Admin Code Issue Vulnerability	13 Nov 202300:00	–	cnnvd
CVE	CVE-2023-38515	13 Nov 202302:32	–	cve
EUVD	EUVD-2023-42315	3 Oct 202520:07	–	euvd
NVD	CVE-2023-38515	13 Nov 202303:15	–	nvd
OSV	CVE-2023-38515	13 Nov 202303:15	–	osv
Patchstack	WordPress Church Admin Plugin <= 3.7.56 is vulnerable to Server Side Request Forgery (SSRF)	26 Jul 202300:00	–	patchstack
Prion	Server side request forgery (ssrf)	13 Nov 202303:15	–	prion
Positive Technologies	PT-2023-26492 · Unknown · Church Admin	13 Nov 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-38515	23 May 202505:17	–	redhatcve
Vulnrichment	CVE-2023-38515 WordPress Church Admin Plugin <= 3.7.56 is vulnerable to Server Side Request Forgery (SSRF)	13 Nov 202302:32	–	vulnrichment

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "church-admin",
    "product": "Church Admin",
    "vendor": "Andy Moyle",
    "versions": [
      {
        "changes": [
          {
            "at": "3.8.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "3.7.56",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-3-7-56-server-side-request-forgery-ssrf-vulnerability

28 Apr 2026 16:08Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.5

EPSS0.00421

CWE-918