Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/17 3:20 p.m.11 views

CVE-2024-13834

The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remoterequest' function. This makes it possible for authenticated attacker...

5.4CVSS9.1AI score0.00254EPSS
Exploits0References1
nvd
nvd
added 2025/02/15 3:15 p.m.19 views

CVE-2024-13834

The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remoterequest' function. This makes it possible for authenticated attacker...

5.4CVSS0.00254EPSS
Exploits0References2
circl
circl
added 2025/02/15 2:23 p.m.9 views

CVE-2024-13834

creationtimestamp| type| source ---|---|--- 2025-02-15 14:23:03+00:00| seen| https://infosec.exchange/users/cve/statuses/114008351209049483 2025-02-15 15:15:43+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li7z3w2y2u2o 2025-02-15 16:12:23+00:00| seen|...

5.4CVSS8.7AI score0.00254EPSS
Exploits0References6
cvelist
cvelist
added 2025/02/15 2:21 p.m.22 views

CVE-2024-13834 Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request

The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remoterequest' function. This makes it possible for authenticated attacker...

5.4CVSS0.00254EPSS
Exploits0References2
cve
cve
added 2025/02/15 2:21 p.m.47 views

CVE-2024-13834

CVE-2024-13834 refers to a Server-Side Request Forgery in the WordPress plugin Responsive Plus (starter templates/advanced features/customizer) up to version 3.1.4, exploitable by an authenticated user with contributor+ rights via the remote_request function. The vulnerability allows web requests...

5.4CVSS6.6AI score0.00254EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder