A vulnerability, which was classified as critical, has been found in Friends Plugin up to 2.8.5 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to server-side request forgery.
This vulnerability is handled as CVE-2024-1978. The attack needs to be done within the local network. There is no exploit available.