The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes an URL input and calls curl on it, without first validating it to ensure it's a remote one. As a result, a high privilege user could use that feature to scan the internal network via a SSRF attack.
References
| Link | Resource |
|---|---|
| https://codevigilant.com/disclosure/2021/wp-plugin-rsvpmaker/ | Exploit Patch Third Party Advisory |
| https://wpscan.com/vulnerability/63be225c-ebee-4cac-b43e-cf033ee7425d | Exploit Third Party Advisory |
Configurations
History
30 Sep 2023, 03:05
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Carrcommunications
Carrcommunications rsvpmaker |
|
| CPE | cpe:2.3:a:carrcommunications:rsvpmaker:*:*:*:*:*:wordpress:*:* |
10 Aug 2021, 01:02
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:rsvpmaker_project:rsvpmaker:*:*:*:*:*:wordpress:*:* | |
| CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 2.7 |
| References | (MISC) https://codevigilant.com/disclosure/2021/wp-plugin-rsvpmaker/ - Exploit, Patch, Third Party Advisory | |
| References | (MISC) https://wpscan.com/vulnerability/63be225c-ebee-4cac-b43e-cf033ee7425d - Exploit, Third Party Advisory | |
| CWE | CWE-918 |
02 Aug 2021, 11:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-08-02 11:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-24371
Mitre link : CVE-2021-24371
CVE.ORG link : CVE-2021-24371
JSON object : View
Products Affected
carrcommunications
- rsvpmaker
CWE
CWE-918
Server-Side Request Forgery (SSRF)