CVE-2024-10814

Code Embed <= 2.5 - Authenticated (Contributor+) Server-Side Request Forgery

Severity Score

6.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5 via the ce_get_file() function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

*Credits: Max Boll

CVSS Scores

Wordfencev3.1 6.4

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-11-04 CVE Reserved
2024-11-08 CVE Published
2024-11-09 EPSS Updated
2024-11-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-918: Server-Side Request Forgery (SSRF)

CAPEC

References (3)

URL	Tag	Source
https://plugins.trac.wordpress.org/browser/simple-embed-code/trunk/includes/add-embeds.php#L145
https://plugins.trac.wordpress.org/changeset/3182609
https://www.wordfence.com/threat-intel/vulnerabilities/id/0e1e17c9-b9ee-495a-be49-9aa88f8023a2?source=cve

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Dartiss Search vendor "Dartiss"		Code Embed Search vendor "Dartiss" for product "Code Embed"				<= 2.5 Search vendor "Dartiss" for product "Code Embed" and version " <= 2.5"		en		Affected