WordPress Plugin Import XML and RSS Feeds Server-Side Request Forgery - CVE-2020-24148 - Vulnerability Database

WordPress Plugin Import XML and RSS Feeds Server-Side Request Forgery - CVE-2020-24148

Medium

Reference: CVE-2020-24148

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-24148

Title: WordPress Plugin Import XML and RSS Feeds Server-Side Request Forgery

Overview:

WordPress Plugin Import XML and RSS Feeds is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks other attacks are also possible. WordPress Plugin Import XML and RSS Feeds version 2.0.2 is vulnerable prior versions may also be affected.