Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.11 views

CVE-2023-6294

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

7.5CVSS6.6AI score0.00812EPSS
Exploits2
Patchstack
Patchstack
added 2024/02/13 12:0 a.m.18 views

WordPress Popup Builder Plugin < 4.2.6 is vulnerable to Server Side Request Forgery (SSRF)

Software Popup Builder Type Plugin Vulnerable versions 4.2.6 Fixed in 4.2.6 OWASP Top 10 A1: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2023-6294 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 573393918c2e Credits Sebastian Neef Required...

7.5CVSS6.6AI score0.00812EPSS
Exploits2References4Affected Software1
Circl
Circl
added 2024/02/12 5:22 p.m.9 views

CVE-2023-6294

creationtimestamp| type| source ---|---|--- 2024-02-12 17:22:01+00:00| seen| https://t.me/ctinow/183275...

7.5CVSS4.8AI score0.00812EPSS
Exploits2References1
OSV
OSV
added 2024/02/12 4:15 p.m.4 views

CVE-2023-6294

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

7.2CVSS5.8AI score0.00812EPSS
Exploits2References1
CVE
CVE
added 2024/02/12 4:6 p.m.91 views

CVE-2023-6294

The CVE-2023-6294 entry concerns the WordPress Popup Builder plugin before version 4.2.6. The vulnerability arises from not validating a parameter before making a request, enabling an SSRF attack in multisite WordPress configurations when an administrator user is present. Affected component: Popu...

7.5CVSS6.6AI score0.00812EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/12 4:6 p.m.25 views

CVE-2023-6294 popup-builder < 4.2.6 - Admin+ SSRF & File Read

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

6.7AI score0.00812EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/02/12 4:6 p.m.37 views

CVE-2023-6294 popup-builder < 4.2.6 - Admin+ SSRF & File Read

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

6.6AI score0.00812EPSS
Exploits2References1
Rows per page
Query Builder