CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49159 – WordPress CommentLuv Plugin <= 3.0.4 is vulnerable to Server Side Request Forgery (SSRF)
https://notcve.org/view.php?id=CVE-2023-49159
28 Nov 2023 — Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4. Vulnerabilidad de Server-Side Request Forgery (SSRF) en Elegant Digital Solutions CommentLuv. Este problema afecta a CommentLuv: desde n/a hasta 3.0.4. The CommentLuv plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.4 via the do_click function. This makes it possible for unauthenticated attackers to make web... • https://patchstack.com/database/vulnerability/commentluv/wordpress-commentluv-plugin-3-0-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •