CVE-2023-5877 | WP-FeedStats affiliate-toolkit Plugin up to 3.4.2 on WordPress atkp_imagereceiver.php server-side request forgery

Posted by Angelo Barbosa | Jan 1, 2024 | CVE

A vulnerability was found in WP-FeedStats affiliate-toolkit Plugin up to 3.4.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the file affiliate-toolkit-starter/tools/atkp_imagereceiver.php. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2023-5877. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-5877 | WP-FeedStats affiliate-toolkit Plugin up to 3.4.2 on WordPress atkp_imagereceiver.php server-side request forgery

Related Posts

CVE-2024-31267 | WP Desk Flexible Checkout Fields for WooCommerce Plugin up to 4.1.2 on WordPress authorization

CVE-2024-25533 | RuvarOA 6.01/12.01 OfficeFileUpdate.aspx information exposure

CVE-2024-40786 | Apple macOS User Information information disclosure

CVE-2024-5741 | Checkmk up to 2.1.0p44/2.2.0p27/2.3.0p6 Inventory Tree Renderer cross site scripting