Lucene search
+L

5 matches found

Circl
Circl
added 2025/02/20 2:49 p.m.11 views

CVE-2025-1043

creationtimestamp| type| source ---|---|--- 2025-02-20 14:49:28+00:00| seen| https://t.me/cvedetector/18536 2025-02-20 23:26:54+00:00| seen| Telegram/PTOhxFVJBKf3mwqbfNg8QGoqLYG5vzoJiN6Uq9qlpyr3zMBh...

6.4CVSS8.7AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/02/20 12:15 p.m.11 views

CVE-2025-1043

The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS0.00276EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/20 11:9 a.m.4 views

CVE-2025-1043 Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode

The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS6.2AI score0.00276EPSS
Exploits0References2
CVE
CVE
added 2025/02/20 11:9 a.m.62 views

CVE-2025-1043

CVE-2025-1043 – The WordPress plugin Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files is affected by a Server-Side Request Forgery (SSRF) in all versions up to 2.7.5 via the embeddoc shortcode. With Contributor-level access or higher, an authenticated attacker can cause the web ap...

6.4CVSS6.2AI score0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/20 11:9 a.m.25 views

CVE-2025-1043 Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode

The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS0.00276EPSS
Exploits0References2
Rows per page
Query Builder