Vulnerabilities > Google > WEB Stories > 1.24.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-08 | CVE-2023-1979 | Incorrect Authorization vulnerability in Google web Stories The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. | 6.5 |
| 2022-10-28 | CVE-2022-3708 | Server-Side Request Forgery (SSRF) vulnerability in Google web Stories The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including 1.24.0 due to insufficient validation of URLs supplied via the 'url' parameter found via the /v1/hotlink/proxy REST API Endpoint. | 8.1 |