Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/05/23 4:57 a.m.11 views

CVE-2023-6294

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

7.5CVSS6.6AI score0.00812EPSS
Exploits2
patchstack
patchstack
added 2024/02/13 12:0 a.m.18 views

WordPress Popup Builder Plugin < 4.2.6 is vulnerable to Server Side Request Forgery (SSRF)

Software Popup Builder Type Plugin Vulnerable versions 4.2.6 Fixed in 4.2.6 OWASP Top 10 A1: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2023-6294 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 573393918c2e Credits Sebastian Neef Required...

7.5CVSS6.6AI score0.00812EPSS
Exploits2References4Affected Software1
circl
circl
added 2024/02/12 5:22 p.m.9 views

CVE-2023-6294

creationtimestamp| type| source ---|---|--- 2024-02-12 17:22:01+00:00| seen| https://t.me/ctinow/183275...

7.5CVSS4.8AI score0.00812EPSS
Exploits2References1
osv
osv
added 2024/02/12 4:15 p.m.5 views

CVE-2023-6294

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

7.2CVSS5.8AI score0.00812EPSS
Exploits2References1
cve
cve
added 2024/02/12 4:6 p.m.92 views

CVE-2023-6294

The CVE-2023-6294 entry concerns the WordPress Popup Builder plugin before version 4.2.6. The vulnerability arises from not validating a parameter before making a request, enabling an SSRF attack in multisite WordPress configurations when an administrator user is present. Affected component: Popu...

7.5CVSS6.6AI score0.00812EPSS
Exploits2References1Affected Software1
vulnrichment
vulnrichment
added 2024/02/12 4:6 p.m.26 views

CVE-2023-6294 popup-builder < 4.2.6 - Admin+ SSRF & File Read

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

6.7AI score0.00812EPSS
Exploits2References1
cvelist
cvelist
added 2024/02/12 4:6 p.m.38 views

CVE-2023-6294 popup-builder < 4.2.6 - Admin+ SSRF & File Read

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations...

6.6AI score0.00812EPSS
Exploits2References1
Rows per page
Query Builder