CVE-2024-5031 | Memberpress Plugin up to 1.11.29 on WordPress Shortcode mepr-user-file server-side request forgery

Posted by Angelo Barbosa | May 22, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Memberpress Plugin up to 1.11.29 on WordPress. Affected by this issue is the function mepr-user-file of the component Shortcode Handler. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-5031. The attack can only be done within the local network. There is no exploit available.

CVE-2024-5031 | Memberpress Plugin up to 1.11.29 on WordPress Shortcode mepr-user-file server-side request forgery

Related Posts

CVE-2023-49923 | Elastic Enterprise Search up to 7.17.15/8.11.1 Documents API log file

CVE-2022-4966 | sequentech admin-console up to 6.1.7 Election Description cross site scripting (292/293)

CVE-2024-30552 | wppdf Responsive flipbook Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2024-28795 | IBM InfoSphere Information Server 11.7 Web UI cross site scripting (XFDB-286832)