Lucene search

WpvulndbWPVDB-ID:66D538D2-A2C1-4A73-B96D-60A323DAFD1D

HistoryMay 07, 2024 - 12:00 a.m.

AI Engine < 2.1.5 - Authenticated (Editor+) Server-Side Request Forgery

2024-05-0700:00:00

wpscan.com

wordpress

vulnerable

editor-level access

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

Description The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4 via the download_image function. This makes it possible for authenticated attackers, with editor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

References

www.wordfence.com/threat-intel/vulnerabilities/id/206d343d-6ed6-461c-bf7d-cf5011ed956f

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for WPVDB-ID:66D538D2-A2C1-4A73-B96D-60A323DAFD1D