exploitDog

CVE-2022-42494

Опубликовано: 08 нояб. 2022

Источник: nvd

CVSS3: 3

CVSS3: 6.5

EPSS Низкий

Описание

Server Side Request Forgery (SSRF) vulnerability in All in One SEO Pro plugin <= 4.2.5.1 on WordPress.

Ссылки

https://aioseo.com/changelog/
Release Notes
Vendor Advisory
https://patchstack.com/database/vulnerability/all-in-one-seo-pack-pro/wordpress-all-in-one-seo-pro-plugin-4-2-5-1-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Third Party Advisory
https://aioseo.com/changelog/
Release Notes
Vendor Advisory
https://patchstack.com/database/vulnerability/all-in-one-seo-pack-pro/wordpress-all-in-one-seo-pro-plugin-4-2-5-1-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*

Версия до 4.2.5.1 (включая)

EPSS

Процентиль: 72%

0.00734

Низкий

3 Low

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-918

CWE-918

Связанные уязвимости

GHSA-q6vq-gmhj-jj3v

CVSS3: 6.5

github

около 3 лет назад

Server Side Request Forgery (SSRF) vulnerability in All in One SEO Pro plugin <= 4.2.5.1 on WordPress.

EPSS

Процентиль: 72%

0.00734

Низкий

3 Low

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-918

CWE-918