CVE-2024-5031 | Memberpress Plugin up to 1.11.29 on WordPress Shortcode mepr-user-file server-side request forgery

Inserito da Angelo Barbosa | Mag 22, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Memberpress Plugin up to 1.11.29 on WordPress. Affected by this issue is the function mepr-user-file of the component Shortcode Handler. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-5031. The attack can only be done within the local network. There is no exploit available.

CVE-2024-5031 | Memberpress Plugin up to 1.11.29 on WordPress Shortcode mepr-user-file server-side request forgery

Post correlati

CVE-2024-9793 | Tenda AC1206 up to 15.03.06.23 /goform/ate ate_iwpriv_set/ate_ifconfig_set command injection

CVE-2024-1778 | Admin Side Data Storage for Contact Form 7 Plugin up to 1.1.1 on WordPress Bookmark Status authorization

CVE-2024-7891 | Floating Contact Button Plugin up to 2.7 on WordPress Setting cross site scripting

CVE-2023-6460 | nodejs-firestore up to 6.1.0 insecure storage of sensitive information