Lucene search
WpvulndbWPVDB-ID:5849A5C0-9705-45B4-80F6-81A194C9664AHistoryApr 13, 2021 - 12:00 a.m.
Video Downloader for TikTok < 1.4 - Server Side Request Forgery (SSRF) & Local File Inclusion (LFI)
2021-04-1300:00:00
wpscan.com
10
0.002 Low
EPSS
Percentile
64.8%
The plugin is vulnerable to SSRF or LFI attacks via the njt-tk-download-video parameter sent by the user not being properly sanitized before used in code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| downloader-tiktok | lt | 1.4 |
Related
cvelist
cvelist
CVE-2020-24143
2021-07-07 13:35:50
CVE-2020-24142
2021-07-07 13:35:05
nvd
nvd
CVE-2020-24143
2021-07-07 14:15:09
CVE-2020-24142
2021-07-07 14:15:09
prion
prion
Server side request forgery (ssrf)
2021-07-07 14:15:00
Directory traversal
2021-07-07 14:15:00
cve
cve
CVE-2020-24143
2021-07-07 14:15:09
CVE-2020-24142
2021-07-07 14:15:09