CVE-2024-13924

Name of the Vulnerable Software and Affected Versions The Starter Templates by FancyWP plugin for WordPress versions prior to 2.1

Description The issue allows unauthenticated attackers to make web requests to arbitrary locations originating from the web application. This can be used to query and modify information from internal services via the http request host is external filter.

Recommendations For versions prior to 2.1, update to version 2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the http request host is external filter until a patch is available.