Lucene search

[email protected]NVD:CVE-2024-5021

HistoryJun 19, 2024 - 4:15 a.m.

CVE-2024-5021

2024-06-1904:15:13

[email protected]

web.nvd.nist.gov

wordpress

ssrf

plugin

vulnerability

web application

unauthenticated attackers

arbitrary locations

file_get_contents

internal services

CVSS3

9.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

EPSS

0.001

Percentile

37.2%

JSON

The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the ‘file_get_contents’ function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

References

plugins.trac.wordpress.org/browser/nimble-portfolio/trunk/includes/prettyphoto/download-image.php#L17

www.wordfence.com/threat-intel/vulnerabilities/id/224a2d6d-7fdc-43a8-a8c9-26213b604433?source=cve

CVSS3

9.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

EPSS

0.001

Percentile

37.2%

JSON

Related for NVD:CVE-2024-5021

cvelist1 vulnrichment1 cve1 wordfence1