Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin WP Smart Import: Import any XML File to WordPress Server-Side Request Forgery - CVE-2020-24147 - Vulnerability Database
WP Plugin Wp Smart Import

WordPress Plugin WP Smart Import: Import any XML File to WordPress Server-Side Request Forgery - CVE-2020-24147

High
Reference: CVE-2020-24147
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-24147
Title: WordPress Plugin WP Smart Import: Import any XML File to WordPress Server-Side Request Forgery
Overview:

WordPress Plugin WP Smart Import: Import any XML File to WordPress is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks other attacks are also possible. WordPress Plugin WP Smart Import: Import any XML File to WordPress version 1.0.0 is vulnerable.