CVE-2024-13845 | Gravity Forms WebHooks Plugin up to 1.6.0 on WordPress process_feed server-side request forgery

Inserito da Angelo Barbosa | Apr 30, 2025 | CVE

A vulnerability was found in Gravity Forms WebHooks Plugin up to 1.6.0 on WordPress. It has been classified as critical. Affected is the function process_feed. The manipulation leads to server-side request forgery.

This vulnerability is traded as CVE-2024-13845. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-13845 | Gravity Forms WebHooks Plugin up to 1.6.0 on WordPress process_feed server-side request forgery

Post correlati

CVE-2024-49352 | IBM Cognos Analytics up to 12.0.4 xml external entity reference

CVE-2024-0158 | Dell CPG BIOS prior 3.21.0 UEFI Variable input validation (dsa-2024-030)

CVE-2024-21652 | argocd up to 2.8.12/2.9.8/2.10.3 excessive authentication

CVE-2024-41481 | Typora up to 1.9.2 Mermaid cross site scripting