PT-2023-21139 · Unknown · Darren Cooney Instant Images

Universe

Publicado

2023-11-22

Atualizado

2023-11-27

CVE-2023-27451

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Darren Cooney Instant Images plugin versions <= 5.1.0.2

Description The issue is related to a Server-Side Request Forgery (SSRF) vulnerability. This means an attacker could potentially force the server to make requests to arbitrary domains, which could lead to unauthorized access to sensitive data or systems.

Recommendations For Darren Cooney Instant Images plugin versions <= 5.1.0.2, update to a version higher than 5.1.0.2 to resolve the issue.

Correção

SSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-918

Identificadores relacionados

CVE-2023-27451

Produtos afetados

Darren Cooney Instant Images

PT-2023-21139 · Unknown · Darren Cooney Instant Images

CVE-2023-27451

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3