Lucene search
Dmitrii IgnatyevWPEX-ID:0B92BECB-8A47-48FD-82E8-F7641CF5C9BCHistoryDec 21, 2023 - 12:00 a.m.
JSM file_get_contents() Shortcode < 2.7.1 - Contributor+ SSRF
2023-12-2100:00:00
Dmitrii Ignatyev
57
jsm file_get_contents shortcode vulnerability ssrf exploit trojan horse wordpress security
Description The plugin does not validate one of its shortcode’s parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks.
[wpfgc url="http://127.0.0.1:8084"]Related
prion
prion
Server side request forgery (ssrf)
2024-01-15 16:15:00
nvd
nvd
CVE-2023-6991
2024-01-15 16:15:12
CVE-2023-5442
2024-01-04 19:15:08
wpvulndb
wpvulndb
JSM file_get_contents() Shortcode < 2.7.1 - Contributor+ SSRF
2023-12-21 00:00:00
cvelist
cvelist
CVE-2023-6991 JSM file_get_contents() Shortcode < 2.7.1 - Contributor+ SSRF
2024-01-15 15:10:41
cve
cve
CVE-2023-6991
2024-01-15 16:15:12
CVE-2023-5442
2024-01-04 19:15:08
wordfence
wordfence
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
19.3%
Related for WPEX-ID:0B92BECB-8A47-48FD-82E8-F7641CF5C9BC