Vulnerabilities > CVE-2021-39339 - Unspecified vulnerability in Telefication
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
LOW Summary
The Telefication WordPress plugin is vulnerable to Open Proxy and Server-Side Request Forgery via the ~/bypass.php file due to a user-supplied URL request value that gets called by a curl requests. This affects versions up to, and including, 1.8.0.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |