5 matches found
CVE-2024-27561
A Server-Side Request Forgery SSRF in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin parameter...
Server side request forgery (ssrf)
A Server-Side Request Forgery SSRF in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter...
CVE-2024-27561
A Server-Side Request Forgery SSRF in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin parameter...
CVE-2024-27561
WonderCMS (version 3.1.3) is affected by a Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function. The vulnerability allows an attacker to coerce the application into making arbitrary outbound requests by injecting crafted URLs into the installThemePlugin parameter. Pub...
CVE-2024-27563
A Server-Side Request Forgery SSRF in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter...