Lucene search
K

4 matches found

NVD
NVD
added 2025/01/26 7:15 a.m.16 views

CVE-2024-10705

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...

8.1CVSS0.0033EPSS
Exploits0References2
CVE
CVE
added 2025/01/26 6:41 a.m.52 views

CVE-2024-10705

CVE-2024-10705 affects the WordPress plugin “Multiple Page Generator Plugin – MPG” with vulnerability in all versions up to 4.0.5. The flaw is Server-Side Request Forgery (SSRF) via the mpg_download_file_by_link function, allowing authenticated attackers with editor-level access or higher to trig...

8.1CVSS5.3AI score0.0033EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/01/26 6:41 a.m.23 views

CVE-2024-10705 Multiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...

5.4CVSS0.0033EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/26 6:41 a.m.12 views

CVE-2024-10705 Multiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...

5.4CVSS6.3AI score0.0033EPSS
Exploits0References2
Rows per page
Query Builder