Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/08/01 4:29 a.m.15 views

CVE-2024-2090 Remote Content Shortcode <= 1.5 - Authenticated (Contributor+) Server-Side Request Forgery

The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remotecontent shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary...

6.4CVSS6.7AI score0.0026EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/01 4:29 a.m.39 views

CVE-2024-2090 Remote Content Shortcode <= 1.5 - Authenticated (Contributor+) Server-Side Request Forgery

The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remotecontent shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary...

6.4CVSS0.0026EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/01 12:0 a.m.21 views

WordPress Remote Content Shortcode Plugin <= 1.5 is vulnerable to Server Side Request Forgery (SSRF)

Software Remote Content Shortcode Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-2090 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 1a39ce70a128 Credits Francesco Carlucci Require...

6.4CVSS7AI score0.0026EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder