Vulnerabilities > CVE-2020-24147 - Server-Side Request Forgery (SSRF) vulnerability in Xylusthemes WP Smart Import 1.0.0

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
xylusthemes
CWE-918
critical
NVD
Published: 2021-07-07
Updated: 2023-09-28

Summary

Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.

Vulnerable Configurations

Part Description Count
Application
Xylusthemes
1

Common Weakness Enumeration (CWE)

References