3 matches found
CVE-2024-1568
The CVE CVE-2024-1568 affects the Seraphinite Accelerator plugin for WordPress. It enables SSRF via OnAdminApi_HtmlCheck in all versions up to 2.20.52, allowing authenticated users with subscriber-level access or higher to issue web requests from the web application to arbitrary internal location...
CVE-2024-1568 Seraphinite Accelerator <= 2.20.52 - Authenticated (Subscriber+) Server-Side Request Forgery in OnAdminApi_HtmlCheck
The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52 via the OnAdminApiHtmlCheck function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to...
WordPress Seraphinite Accelerator Plugin <= 2.20.52 is vulnerable to Server Side Request Forgery (SSRF)
Software Seraphinite Accelerator Type Plugin Vulnerable versions = 2.20.52 Fixed in 2.21 OWASP Top 10 A1: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2024-1568 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID 699713e041d9 Credits Luci...