Vulnerabilities (CVE)

Filtered by vendor Surniaulula Subscribe
Filtered by product Jsm File Get Contents\(\) Shortcode
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6991 1 Surniaulula 1 Jsm File Get Contents\(\) Shortcode 2024-11-21 N/A 8.8 HIGH
The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks.