2 matches found
WordPress Skitter Slideshow Plugin <= 2.5.2 is vulnerable to Server Side Request Forgery (SSRF)
Software Skitter Slideshow Type Plugin Vulnerable versions = 2.5.2 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-1751 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 248ddea6bcba Credits Bartu Utku SARP Required...
CVE-2022-1751 Skitter Slideshow <= 2.5.2 - Unauthenticated Server-Side Request Forgery
The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and ca...