3 matches found
CVE-2024-2090 Remote Content Shortcode <= 1.5 - Authenticated (Contributor+) Server-Side Request Forgery
The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remotecontent shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary...
CVE-2024-2090 Remote Content Shortcode <= 1.5 - Authenticated (Contributor+) Server-Side Request Forgery
The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remotecontent shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary...
WordPress Remote Content Shortcode Plugin <= 1.5 is vulnerable to Server Side Request Forgery (SSRF)
Software Remote Content Shortcode Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-2090 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 1a39ce70a128 Credits Francesco Carlucci Require...