2 matches found
CVE-2024-4789 Cost Calculator Builder Pro <= 3.1.72 - Authenticated (Subscriber+) Server-Side Request Forgery
Cost Calculator Builder Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to 3.1.72, via the senddemowebhook function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations...
WordPress Cost Calculator Builder Pro Plugin <= 3.1.72 is vulnerable to Server Side Request Forgery (SSRF)
Software Cost Calculator Builder Pro Type Plugin Vulnerable versions = 3.1.72 Fixed in 3.1.73 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-4789 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID eba410ca734c Credits haidv35...