Vulnerabilities > Ninjateam

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-07	CVE-2020-24142	Server-Side Request Forgery (SSRF) vulnerability in Ninjateam Video Downloader for Tiktok 1.3 Server-side request forgery in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. network low complexity ninjateam CWE-918	7.5
2021-07-07	CVE-2020-24143	Path Traversal vulnerability in Ninjateam Video Downloader for Tiktok 1.3 Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter. network low complexity ninjateam CWE-22	5.0

Vulnerabilities > Ninjateam {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ninjateam"}]}