CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46641 – WordPress 12 Step Meeting List Plugin <= 3.14.24 is vulnerable to Server Side Request Forgery (SSRF)
https://notcve.org/view.php?id=CVE-2023-46641
27 Nov 2023 — Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.24. Vulnerabilidad de Server-Side Request Forgery (SSRF) en Code for Recovery 12 Step Meeting List. Este problema afecta a 12 Step Meeting List: desde n/a hasta 3.14.24. The 12 Step Meeting List plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.14.24 via the tsml_add_data_source parameter. This makes ... • https://patchstack.com/database/vulnerability/12-step-meeting-list/wordpress-12-step-meeting-list-plugin-3-14-24-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •