CVE-2021-39339

Name of the Vulnerable Software and Affected Versions: Telefication WordPress plugin versions up to, and including, 1.8.0

Description: The issue arises from a user-supplied URL request value that gets called by curl requests, leading to Open Proxy and Server-Side Request Forgery via the ~/bypass.php file.

Recommendations: For versions up to, and including, 1.8.0, update to a version higher than 1.8.0 to resolve the issue. As a temporary workaround, consider restricting access to the ~/bypass.php file until a patch is available.