4
CVE-2021-24371
- EPSS 1.01%
- Veröffentlicht 02.08.2021 11:15:08
- Zuletzt bearbeitet 21.11.2024 05:52:56
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
LoginRSVPMaker < 8.7.3 - Authenticated (admin+) SSRF
RSVPMaker <= 8.7.2 - Server-Side Request Forgery
The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes an URL input and calls curl on it, without first validating it to ensure it's a remote one. As a result, a high privilege user could use that feature to scan the internal network via a SSRF attack.
Mögliche Gegenmaßnahme
RSVPMaker: Update to version 8.7.4, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Carrcommunications ≫ Rsvpmaker SwPlatformwordpress Version < 8.7.3
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
RSVPMaker
Version
[*, 8.7.3)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.01% | 0.586 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.7 | 1.2 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-918 Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
https://codevigilant.com/disclosure/2021/wp-plugin-rsvpmaker/
https://wpscan.com/vulnerability/63be225c-ebee-4cac-b43e-cf033ee7425d
https://www.wordfence.com/threat-intel/vulnerabilities/id/027fa70f-8777-4a0b-b2aa-18bcdcd99cbf