CVE-2023-7253 Import WP < 2.13.1 - Admin+ Server-side Request Forgery

2024-04-2405:00:01

WPScan

github.com

cve-2023-7253

import wp

wordpress plugin

ssrf

vulnerability

administrator role

multisite configurations

6.7 Medium

AI Score

Confidence

Low

JSON

The Import WP WordPress plugin before 2.13.1 does not prevent users with the administrator role from pinging conducting SSRF attacks, which may be a problem in multisite configurations.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Import WP ",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThan": "2.13.1"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

wpscan.com/vulnerability/aeefcc01-bbbf-4d86-9cfd-ea0f9a85e1a5/

6.7 Medium

AI Score

Confidence

Low

JSON

Related for VULNRICHMENT:CVE-2023-7253