[WordPress Confirm Data Plugin](versions 1.0.7 and older) Vulnerability to Server-Side Request Forgery (SSRF)

Importance (CVSS3.0)

★★★★★★★★☆☆ 8.2 / 10 - High

Details

A Server-Side Request Forgery (SSRF) vulnerability was discovered in the WordPress Confirm Data Plugin.

This vulnerability may allow malicious attackers to execute website requests to their arbitrary domain.

This vulnerability hasn’t been fixed yet.

Solutions

There is no patched version available.

Source

CVE-2023-40700

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress Confirm Data Plugin](versions 1.0.7 and older) Vulnerability to Server-Side Request Forgery (SSRF) ”, by WS Security is licensed under CC BY 4.0.