CVE-2021-24371

RSVPMaker < 8.7.3 - Authenticated (admin+) SSRF

EPSS 1.0%CWE-918

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

02 Aug 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes an URL input and calls curl on it, without first validating it to ensure it's a remote one. As a result, a high privilege user could use that feature to scan the internal network via a SSRF attack.

Affected products

Unknown · RSVPMaker

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://codevigilant.com/disclosure/2021/wp-plugin-rsvpmaker/https://wpscan.com/vulnerability/63be225c-ebee-4cac-b43e-cf033ee7425d