Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/03/09 9:28 a.m.14 views

CVE-2024-13857

The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locatio...

5.5CVSS6.5AI score0.00305EPSS
Exploits0References1
Circl
Circl
added 2025/03/07 12:25 p.m.4 views

CVE-2024-13857

creationtimestamp| type| source ---|---|--- 2025-03-07 12:25:39+00:00| seen| https://t.me/cvedetector/19801 2025-03-07 14:38:27+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6837 2025-03-08 04:34:56+00:00| seen| Telegram/nBki0DXBUKl37j3HGBXr4i9WlIHFlSXArqngbavIgCQbwHrH...

5.5CVSS8.7AI score0.00305EPSS
Exploits0References2
NVD
NVD
added 2025/03/07 10:15 a.m.13 views

CVE-2024-13857

The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locatio...

5.5CVSS0.00305EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/07 9:21 a.m.15 views

CVE-2024-13857 WPGet API <= 2.2.10 - Authenticated (Administrator+) Server-Side Request Forgery

The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locatio...

5.5CVSS0.00305EPSS
Exploits0References3
CVE
CVE
added 2025/03/07 9:21 a.m.94 views

CVE-2024-13857

CVE-2024-13857 – WordPress WPGet API plugin (≤ v2.2.10) is affected by an authenticated SSRF vulnerability. An Administrator+ user can make web requests from the WordPress host to internal or external targets, potentially exposing/modifying internal data. Connected sources confirm the affected pl...

5.5CVSS6.8AI score0.00305EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/07 9:21 a.m.15 views

CVE-2024-13857 WPGet API <= 2.2.10 - Authenticated (Administrator+) Server-Side Request Forgery

The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locatio...

5.5CVSS6.8AI score0.00305EPSS
Exploits0References3
Rows per page
Query Builder