Lucene search
WpvulndbWPVDB-ID:FBEDD0B1-A622-4114-AB94-9575797B0C9EHistoryNov 24, 2023 - 12:00 a.m.
Starter Templates <= 3.2.4 - Authenticated (Contributor+) Server-Side Request Forgery
2023-11-2400:00:00
wpscan.com
3
wordpress
ssrf
plugin
vulnerability
contributor+
authenticated
Description The Starter Templates (free and premium) plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.2.4 via the remote_request. This can allow authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Related
prion
prion
Server side request forgery (ssrf)
2023-12-07 11:15:00
nvd
nvd
CVE-2023-41804
2023-12-07 11:15:07
cve
cve
CVE-2023-41804
2023-12-07 11:15:07
openvas
openvas
WordPress Premium Starter Templates Plugin < 3.2.5 SSRF Vulnerability
2023-12-15 00:00:00
WordPress Premium Starter Templates Plugin < 3.2.5 SSRF Vulnerability
2023-12-13 00:00:00
WordPress Starter Templates Plugin < 3.2.5 SSRF Vulnerability
2023-12-13 00:00:00
cvelist
cvelist
wordfence
wordfence
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
14.2%
Related for WPVDB-ID:FBEDD0B1-A622-4114-AB94-9575797B0C9E