Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.11 views

CVE-2021-24472

The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would allow for SSRF Server...

9.8CVSS7.2AI score0.56614EPSS
Exploits2References1
Circl
Circl
added 2021/08/02 2:27 p.m.8 views

CVE-2021-24472

creationtimestamp| type| source ---|---|--- 2021-08-02 14:27:23+00:00| seen| https://t.me/cibsecurity/26656 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-24472.yaml...

9.8CVSS8.7AI score0.56614EPSS
Exploits2References2
CVE
CVE
added 2021/08/02 10:32 a.m.124 views

CVE-2021-24472

Affected software: OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2. Root cause: exposed proxy functionality to unauthenticated users that fetches content from any URI, enabling SSRF and RFI. Impact: potential remote inclusion and server-side request forgery ...

9.8CVSS9.8AI score0.56614EPSS
Exploits2References1Affected Software2
Cvelist
Cvelist
added 2021/08/02 10:32 a.m.39 views

CVE-2021-24472 Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Unauthenticated RFI and SSRF

The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would allow for SSRF Server...

9.9AI score0.56614EPSS
Exploits2References1
Rows per page
Query Builder