3 matches found
CVE-2024-13845
creationtimestamp| type| source ---|---|--- 2025-05-01 05:14:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14235 2025-05-01 05:56:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo3msleryd2e 2025-05-01 08:58:37+00:00| seen| https://t.me/cvedetector/24183...
CVE-2024-13845 Gravity Forms WebHooks <= 1.6.0 - Authenticated (Admin+) Server-Side Request Forgery via Webhook
The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.0 via the 'processfeed' method of the GFWebhooks class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web...
WordPress Gravity Forms WebHooks plugin <= 1.6.0 - Authenticated (Admin+) Server-Side Request Forgery via Webhook vulnerability
Authenticated Admin+ Server-Side Request Forgery via Webhook vulnerability discovered by Francesco Carlucci in WordPress Plugin Gravity Forms WebHooks versions = 1.6.0...