7 matches found
CVE-2023-6294
The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...
WordPress Popup Builder Plugin < 4.2.6 is vulnerable to Server Side Request Forgery (SSRF)
Software Popup Builder Type Plugin Vulnerable versions 4.2.6 Fixed in 4.2.6 OWASP Top 10 A1: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2023-6294 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 573393918c2e Credits Sebastian Neef Required...
CVE-2023-6294
creationtimestamp| type| source ---|---|--- 2024-02-12 17:22:01+00:00| seen| https://t.me/ctinow/183275...
CVE-2023-6294
The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...
CVE-2023-6294
The CVE-2023-6294 entry concerns the WordPress Popup Builder plugin before version 4.2.6. The vulnerability arises from not validating a parameter before making a request, enabling an SSRF attack in multisite WordPress configurations when an administrator user is present. Affected component: Popu...
CVE-2023-6294 popup-builder < 4.2.6 - Admin+ SSRF & File Read
The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...
CVE-2023-6294 popup-builder < 4.2.6 - Admin+ SSRF & File Read
The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...