Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2024/07/23 6:0 a.m.27 views

CVE-2024-4260 CoBlocks < 3.1.12 - Contributor+ SSRF

The Page Builder Gutenberg Blocks WordPress plugin before 3.1.12 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks...

0.00541EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/23 6:0 a.m.16 views

CVE-2024-4260 CoBlocks < 3.1.12 - Contributor+ SSRF

The Page Builder Gutenberg Blocks WordPress plugin before 3.1.12 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks...

6.5AI score0.00541EPSS
Exploits1References1
CVE
CVE
added 2024/07/23 6:0 a.m.67 views

CVE-2024-4260

CVE-2024-4260 concerns the WordPress plugin Page Builder Gutenberg Blocks (CoBlocks) , prior to version 3.1.12. The issue arises from the plugin not restricting pinging to arbitrary hosts via some of its shortcodes, potentially enabling a high-privilege user (e.g., a Contributor) to perform an SS...

6.5CVSS6.5AI score0.00541EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/07/23 12:0 a.m.14 views

WordPress CoBlocks Plugin < 3.1.12 is vulnerable to Server Side Request Forgery (SSRF)

Software CoBlocks Type Plugin Vulnerable versions 3.1.12 Fixed in 3.1.12 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-4260 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 9551e8b9e50a Credits Dmitrii Ignatyev Required privilege...

6.5CVSS7AI score0.00541EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder