CVE-2024-41305 | WonderCMS 3.4.3 Plugins Page pluginThemeUrl server-side request forgery

Posted by Angelo Barbosa | Jul 30, 2024 | CVE

A vulnerability classified as critical has been found in WonderCMS 3.4.3. This affects an unknown part of the component Plugins Page. The manipulation of the argument pluginThemeUrl leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2024-41305. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-41305 | WonderCMS 3.4.3 Plugins Page pluginThemeUrl server-side request forgery

Related Posts

CVE-2024-0931 | Tenda AC10U 15.03.06.49_multi_TDE01 saveParentControlInfo deviceId/time/urls stack-based overflow

CVE-2024-21604 | Juniper Junos OS Evolved Kernel allocation of resources (JSA75745)

CVE-2023-38292 | TCL 20XE access control

CVE-2024-2082 | EleForms Plugin up to 2.9.9.7 on WordPress cross site scripting