3 matches found
CVE-2024-4354
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3 via the getfilestoimport function. This makes it possible for authenticated attackers, with author-level access and above, to make web request...
CVE-2024-4354
CVE-2024-4354 concerns the WordPress plugin TablePress (
WordPress TablePress Plugin <= 2.3.1 is vulnerable to Server Side Request Forgery (SSRF)
Software TablePress Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-4354 Patch priority Low CVSS severity Low 6.4 Developer TablePress PSID e683cfb42286 Credits Tobias Weißhaar kun19 Required privilege...