PT-2025-13181 · Unknown · Suiteplugins Video & Photo Gallery

Theviper17

Published

2025-03-27

Updated

2025-03-27

CVE-2025-22672

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions SuitePlugins Video & Photo Gallery for Ultimate Member versions 1.1.2 and earlier

Description The issue is a Server-Side Request Forgery (SSRF) vulnerability, which allows for Server Side Request Forgery. This means an attacker can potentially trick the server into making unauthorized requests.

Recommendations For versions 1.1.2 and earlier, update to a version that contains a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2025-22672

Affected Products

Suiteplugins Video & Photo Gallery

PT-2025-13181 · Unknown · Suiteplugins Video & Photo Gallery

CVE-2025-22672

Weakness Enumeration

Related Identifiers

Affected Products

References · 4