exploitDog

GHSA-2m7w-32cj-4pj7

Опубликовано: 14 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 3.8

Описание

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack.

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack.

Ссылки

EPSS

Процентиль: 10%

0.00035

Низкий

3.8 Low

CVSS3

CVE ID

Связанные уязвимости

CVE-2025-8594

CVSS3: 3.8

nvd

4 месяца назад

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack.

EPSS

Процентиль: 10%

0.00035

Низкий

3.8 Low

CVSS3

CVE ID