4 matches found
CVE-2022-41609
Auth. subscriber+ Server-Side Request Forgery SSRF vulnerability in Better Messages plugin 1.9.10.68 on WordPress...
CVE-2022-41609 WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability
Auth. subscriber+ Server-Side Request Forgery SSRF vulnerability in Better Messages plugin 1.9.10.68 on WordPress...
CVE-2022-41609 WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability
Auth. subscriber+ Server-Side Request Forgery SSRF vulnerability in Better Messages plugin 1.9.10.68 on WordPress...
CVE-2022-41609
The CVE concerns the WordPress Better Messages plugin, version 1.9.10.68 or earlier, which is vulnerable to an authenticated Server-Side Request Forgery (SSRF) when access is allowed to subscribers. The root cause involves the plugin validating parameters before making external/internal requests,...