A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter.
References
Configurations
History
21 Nov 2024, 09:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/patrickdeanramos/WonderCMS-version-3.4.3-is-vulnerable-to-Server-Side-Request-Forgery - Exploit |
08 Aug 2024, 14:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:wondercms:wondercms:3.4.3:*:*:*:*:*:*:* | |
CWE | CWE-918 | |
References | () https://github.com/patrickdeanramos/WonderCMS-version-3.4.3-is-vulnerable-to-Server-Side-Request-Forgery - Exploit | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
First Time |
Wondercms wondercms
Wondercms |
01 Aug 2024, 13:58
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
CWE | CWE-352 |
31 Jul 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
30 Jul 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-30 18:15
Updated : 2024-11-21 09:32
NVD link : CVE-2024-41305
Mitre link : CVE-2024-41305
CVE.ORG link : CVE-2024-41305
JSON object : View
Products Affected
wondercms
- wondercms