[WordPress WooVIP - Membership plugin for WordPress and WooCommerce Plugin](versions 4.6.6 and older) Vulnerability to Server-Side Request Forgery (SSRF)

Importance (CVSS3.0)

★★★★★★★★☆☆ 8.2 / 10 - High

Details

A Server-Side Request Forgery (SSRF) vulnerability was discovered in WordPress WooVIP - Membership plugin for WordpRess and WooCommerce Plugin.

This vulnerability may allow malicious attackers to execute a website request to their arbitrary domain.

This vulnerability hasn’t been fixed yet.

Solutions

Deactivate and delete.

This plugin has been terminated.

Source

CVE-2023-40700

We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.

“[WordPress WooVIP - Membership plugin for WordPress and WooCommerce Plugin](versions 4.6.6 and older) Vulnerability to Server-Side Request Forgery (SSRF) ”, by WS Security is licensed under CC BY 4.0.