WordPress Fusion Builder plugin < 3.6.2 - Unauthenticated Server-Side Request Forgery (SSRF) vulnerability

2022-04-1900:00:00

Calum Elrick

patchstack.com

0.222 Low

EPSS

Percentile

96.5%

Unauthenticated Server-Side Request Forgery (SSRF) vulnerability discovered by Calum Elrick in WordPress Fusion Builder plugin (versions < 3.6.2).

Solution

           Update the WordPress Fusion Builder plugin to the latest available version (at least 3.6.2).

CPENameOperatorVersion
fusion builderlt3.6.2

CPE	Name	Operator	Version
	fusion builder	lt	3.6.2

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1386

www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/

0.222 Low

EPSS

Percentile

96.5%

Related for PATCHSTACK:ED3ECD50B5031BB1B4743D6871BC9CF9