WordPress ZD YouTube FLV Player plugin <= 1.2.6 - Server-Side Request Forgery vulnerability

Server-Side Request Forgery vulnerability discovered by Mike in WordPress Plugin ZD YouTube FLV Player versions = 1.2.6...

CVE-2024-2663 ZD YouTube FLV Player <= 1.2.6 - Server-Side Request Forgery

The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.6 via the $GET'image' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web...

CVE-2024-2663 ZD YouTube FLV Player <= 1.2.6 - Server-Side Request Forgery

The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.6 via the $GET'image' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web...

WordPress ZD YouTube FLV Player Plugin <= 1.2.6 is vulnerable to Server Side Request Forgery (SSRF)

Software ZD YouTube FLV Player Type Plugin Vulnerable versions = 1.2.6 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-2663 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 49305c6b35a4 Credits Mike Required privile...

WordPress plugin ZD YouTube FLV Player 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...