Description

WordPress Plugin All in One Social Lite is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin All in One Social Lite version 1.0 is vulnerable.

Remediation

Edit the source code to ensure that input is properly validated or disable the plugin until a fix is available

References

https://codevigilant.com/disclosure/wp-plugin-all-in-one-social-lite-ssrfxspa/

Related Vulnerabilities

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9049)

WordPress Plugin 3D Product configurator for WooCommerce Arbitrary File Upload (1.5.531)

WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Cross-Site Scripting (2.6.0)

WordPress 4.5.x Same Origin Method Execution (SOME) Vulnerability (4.5 - 4.5.1)

WordPress Plugin Remove WP Update Nags Security Bypass (1.3.0)

Severity

High

Classification

CWE-918 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update SSRF