Description

A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment.

Remediation

References

CVE-2024-22648

Related Vulnerabilities

WordPress Plugin Anthologize Cross-Site Scripting (0.7.7)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3668)

b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480)

WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2018-6389)

WordPress Plugin Attached images title editor Cross-Site Scripting (1.1.1)

Severity

Medium

Classification

CVE-2024-22648 CWE-918 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities