Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery - CVE-2023-6991 - Vulnerability Database
WP Plugin Wp File Get Contents

WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery - CVE-2023-6991

Medium
Reference: CVE-2023-6991
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-6991
Title: WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery
Overview:

WordPress Plugin JSM file_get_contents() Shortcode is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks other attacks are also possible. WordPress Plugin JSM file_get_contents() Shortcode version 2.7.0 is vulnerable prior versions may also be affected.