wpexploit | Wpvulndb | WPEX-ID:4977ABCE-12C7-4EF4-9BDD-B76E42E78F23
History: Jun 06, 2023 - 12:00 a.m.

Getwid < 1.8.4 - Subscriber+ SSRF

2023-06-06 00:00:00
wpvulndb
Tags: getwid ssrf vulnerability, subscriber+, version 1.8.4, exploit, remote content retrieval

EPSS: 0.001 (Low)
Percentile: 45.6%

The plugin does not validate a parameter supplied to the get_remote_content REST API endpoint before making a request to it, which could allow any authenticated user, such as a subscriber, to perform an SSRF attack. Note: We do not consider flushing of cache to be a security issue, therefore CVE-2023-1910 has not been added.

https://example.com/?rest_route=/getwid/v1/get_remote_content&get_content_url=http://127.0.0.1/
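
A log check for the request shown above, as an added example rather than code from the plugin or the advisory: it scans web-server access log lines for calls to the get_remote_content route and flags get_content_url values whose host is loopback, private or link-local. The log lines, the function names and the /wp-json/ path form of the route are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

# Route named in the advisory; /wp-json/ is WordPress's pretty-permalink
# equivalent of ?rest_route= (assumed to be enabled on the site).
ROUTE = "/getwid/v1/get_remote_content"
REQ_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

SAMPLE_LOG = [  # constructed lines, combined log format
    '203.0.113.7 - - [06/Jun/2023:10:00:01 +0000] "GET /?rest_route=/getwid/v1/get_remote_content&get_content_url=http://127.0.0.1/ HTTP/1.1" 200 512',
    '203.0.113.7 - - [06/Jun/2023:10:00:05 +0000] "GET /wp-json/getwid/v1/get_remote_content?get_content_url=http%3A%2F%2F192.168.1.10%2F HTTP/1.1" 200 80',
    '198.51.100.9 - - [06/Jun/2023:10:01:00 +0000] "GET /?rest_route=/getwid/v1/get_remote_content&get_content_url=https://example.org/a.html HTTP/1.1" 200 900',
    '198.51.100.9 - - [06/Jun/2023:10:02:00 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 4000',
]

def is_internal(host):
    """True when the host is a loopback, private or link-local destination."""
    host = (host or "").lower()
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # other hostnames need DNS resolution to judge
    return ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_unspecified

def classify(line):
    """Return None if the line does not hit the route, else (target, verdict)."""
    m = REQ_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group(1))
    query = parse_qs(parts.query)  # parse_qs percent-decodes the values
    route = query.get("rest_route", [""])[0].rstrip("/")
    if route != ROUTE and not parts.path.rstrip("/").endswith("/wp-json" + ROUTE):
        return None
    target = query.get("get_content_url", [""])[0]
    try:
        host = urlsplit(target).hostname
    except ValueError:  # malformed bracketed host
        host = None
    return target, "internal" if is_internal(host) else "review"

def scan(lines):
    """Classify every line and keep only requests to the route."""
    return [hit for hit in map(classify, lines) if hit is not None]
```

Parameters sent in a POST body do not appear in access logs, so this covers only query-string requests like the one shown on this page.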
