Print My Blog Plugin up to 1.6.6 on WordPress site Server-Side Request Forgery – DigitalMunition




Exploit Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on April 28th, 2019 📆 | 7656 Views ⚑

0

Print My Blog Plugin up to 1.6.6 on WordPress site Server-Side Request Forgery

CVSS Meta Temp Score Current Exploit Price (≈)
5.3 $0-$5k

A vulnerability has been found in Print My Blog Plugin up to 1.6.6 on WordPress (Plugin Software) and classified as critical. This vulnerability affects a functionality. The manipulation of the argument site as part of a Parameter leads to a privilege escalation vulnerability (SSRF). The CWE definition for the vulnerability is CWE-918. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was released 04/27/2019. This vulnerability was named CVE-2019-11565 since 04/27/2019. There are known technical details, but no exploit is available.

Upgrading to version 1.6.7 eliminates this vulnerability.

Name

VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.3

VulDB Base Score: ≈5.5
VulDB Temp Score: ≈5.3
VulDB Vector: ?
VulDB Reliability: ?

VulDB Base Score: ?
VulDB Temp Score: ?
VulDB Reliability: ?
Class: Privilege escalation / SSRF (CWE-918)
Local: Yes
Remote: No

Availability: ?
Status: Not defined

Price Prediction: ?
Current Price Estimation: ?

Threat Intelligenceinfoedit

Threat: ?
Adversaries: ?
Geopolitics: ?
Economy: ?
Predictions: ?
Remediation: ?Recommended: Upgrade
Status: ?
0-Day Time: ?

Upgrade: Print My Blog Plugin 1.6.7

04/27/2019 Advisory disclosed
04/27/2019 +0 days CVE assigned
04/28/2019 +1 days VulDB entry created
04/28/2019 +0 days VulDB last updateCVE: CVE-2019-11565 (?)Created: 04/28/2019 10:29 AM
Complete: ?

See the underground prices here!

https://vuldb.com/?id.134176

Download Best WordPress Themes Free Download
Free Download WordPress Themes
Download WordPress Themes Free
Download WordPress Themes Free
free download udemy paid course

Tagged with:



Leave a Reply ✍


loading...