CVE-2022-1977
The CVE pertains to the WordPress plugin “WP Ultimate CSV Importer”. Affected versions are prior to 6.5.3, where importing files via a URL is not fully validated before the HTTP request, enabling high-privilege users (e.g., admins) to perform blind SSRF. Impact is described as server-side request...