cvelist / Patchstack / CVELIST:CVE-2024-25915
History: Feb 23, 2024 - 11:47 a.m.

CVE-2024-25915 WordPress Pexels: Free Stock Photos Plugin <= 1.2.2 is vulnerable to Server Side Request Forgery (SSRF)

2024-02-23 11:47:58
CWE-918
Patchstack
www.cve.org
cve-2024-25915
wordpress
pexels
free stock photos
plugin
ssrf

CVSS3: 4.9

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

AI Score: 5.5
Confidence: High

EPSS: 0
Percentile: 9.0%

Server-Side Request Forgery (SSRF) vulnerability in Raaj Trambadia Pexels: Free Stock Photos. This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-pexels-free-stock-photos",
    "product": "Pexels: Free Stock Photos",
    "vendor": "Raaj Trambadia",
    "versions": [
      {
        "lessThanOrEqual": "1.2.2",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]
