4 matches found
CVE-2023-7073
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...
CVE-2023-7073 Auto Featured Image (Auto Post Thumbnail) <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...
CVE-2023-7073 Auto Featured Image (Auto Post Thumbnail) <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...
CVE-2023-7073
The CVE-2023-7073 entry concerns the WordPress plugin Auto Featured Image (Auto Post Thumbnail) prior to or including version 4.0.0. It is exposed to Server-Side Request Forgery via the upload_to_library AJAX action, enabling authenticated attackers with author-level access and above to trigger w...