Culqi < 3.0.15 - Authenticated (Subscriber+) Server-Side Request Forgery

Description The Culqi plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.14 via the getmerchants function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locatio...

WordPress plugin Culqi 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

WordPress Culqi plugin <= 3.0.14 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Culqi versions = 3.0.14...

WordPress Culqi Plugin <= 3.0.14 is vulnerable to Server Side Request Forgery (SSRF)

Software Culqi Type Plugin Vulnerable versions = 3.0.14 Fixed in 3.0.15 OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-32819 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 7fa7358f041a Credits Majed Refaea...