1 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10. Vulnerabilidad de Server-Side Request Forgery (SSRF) en NiteoThemes CMP – Coming Soon & Maintenance. Este problema afecta a CMP – Próximamente y mantenimiento: desde n/a hasta 4.1.10. The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.10. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services. • https://patchstack.com/database/vulnerability/cmp-coming-soon-maintenance/wordpress-cmp-coming-soon-maintenance-plugin-by-niteothemes-plugin-4-1-10-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •