The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the 'link' parameter. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Metrics
Affected Vendors & Products
References
History
Wed, 25 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Hyno
Hyno dropbox Folder Share |
|
CPEs | cpe:2.3:a:hyno:dropbox_folder_share:*:*:*:*:*:*:*:* | |
Vendors & Products |
Hyno
Hyno dropbox Folder Share |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-09-16T08:31:30.152Z
Updated: 2024-09-25T13:44:03.123Z
Reserved: 2023-05-31T21:35:33.039Z
Link: CVE-2023-3025
Vulnrichment
Updated: 2024-08-02T06:41:04.071Z
NVD
Status : Modified
Published: 2023-09-16T09:15:07.447
Modified: 2024-11-21T08:16:16.200
Link: CVE-2023-3025
Redhat
No data.