Lucene search
K

4 matches found

NVD
NVD
added 11 hours ago6 views

CVE-2026-12517

The Fediverse Embeds WordPress plugin before 1.5.8 does not validate the destination of the server-side request performed by an unauthenticated site-info endpoint before fetching it, allowing anonymous users the gating nonce is exposed on public pages carrying an embed to make the site request...

5.3CVSS
Exploits0References1
Cvelist
Cvelist
added 12 hours ago7 views

CVE-2026-12517 Fediverse Embeds < 1.5.8 - Unauthenticated SSRF via Site Info Endpoint

The Fediverse Embeds WordPress plugin before 1.5.8 does not validate the destination of the server-side request performed by an unauthenticated site-info endpoint before fetching it, allowing anonymous users the gating nonce is exposed on public pages carrying an embed to make the site request...

Exploits0References1
CVE
CVE
added 12 hours ago6 views

CVE-2026-12517

CVE-2026-12517 : The Fediverse Embeds WordPress plugin is vulnerable to a Server-Side Request Forgery (SSRF) because the destination of a server-side request from the unauthenticated site-info endpoint is not validated. This allows anonymous users to trigger requests to internal/private network U...

5.3CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-42513

The Fediverse Embeds WordPress plugin before 1.5.8 does not validate the destination of the server-side request performed by an unauthenticated site-info endpoint before fetching it, allowing anonymous users the gating nonce is exposed on public pages carrying an embed to make the site request...

5.3CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder