Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:11 a.m.6 views

CVE-2023-7073

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...

6.4CVSS6AI score0.0026EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/31 2:31 p.m.29 views

CVE-2023-7073 Auto Featured Image (Auto Post Thumbnail) <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...

6.4CVSS6.5AI score0.0026EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/31 2:31 p.m.16 views

CVE-2023-7073 Auto Featured Image (Auto Post Thumbnail) <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...

6.4CVSS6AI score0.0026EPSS
Exploits0References2
CVE
CVE
added 2024/05/31 2:31 p.m.30 views

CVE-2023-7073

The CVE-2023-7073 entry concerns the WordPress plugin Auto Featured Image (Auto Post Thumbnail) prior to or including version 4.0.0. It is exposed to Server-Side Request Forgery via the upload_to_library AJAX action, enabling authenticated attackers with author-level access and above to trigger w...

6.4CVSS6AI score0.0026EPSS
Exploits0References2
Rows per page
Query Builder