4 matches found
CVE-2023-1895
The CVE-2023-1895 entry concerns the Getwid – Gutenberg Blocks WordPress plugin. Affected versions: up to and including 1.8.3; vulnerability is Server Side Request Forgery via the get_remote_content REST API endpoint. Exploitation requires subscriber-level or higher authentication, enabling web r...
WordPress Getwid – Gutenberg Blocks Plugin <= 1.8.3 is vulnerable to Server Side Request Forgery (SSRF)
Software Getwid – Gutenberg Blocks Type Plugin Vulnerable versions = 1.8.3 Fixed in 1.8.4 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2023-1895 Patch priority Medium CVSS severity Medium 5 Developer Claim ownership PSID 688f43f1f9c1 Credits Ramuel Gall...
WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF
On April 6, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two vulnerabilities in Getwid – Gutenberg Blocks, a plugin installed on over 50,000 WordPress sites. The plugin’s developers responded immediately, and we sent over the full disclosure the sa...
Oracle Linux 8 : java-11-openjdk (ELSA-2023-1895)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1895 advisory. 1:11.0.19.0.7-1 - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 &...