02 Aoû 2021
Vulnérabilité CVE-2021-24472 CVE Vulnerability
The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would allow for SSRF (Server Side Request Forgery) and RFI (Remote File Inclusion) vulnerabilities on the website. (CVSS:0.0) (Last Update:2021-08-02)
Vulnerability Details : The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would allow for SSRF (Server Side Request Forgery) and RFI (Remote File Inclusion) vulnerabilities on the website. Publish Date : 2021-08-02 Last Update Date : 2021-08-02 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-24472
- References For CVE-2021-24472
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-24472There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |