Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor External Media Without Import Project Subscribe
Filtered by product External Media Without Import
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1398 1 External Media Without Import Project 1 External Media Without Import 2022-05-24 4.0 MEDIUM 6.5 MEDIUM
The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does to ensure that medias added via URLs are external medias, which could allow any authenticated users, such as subscriber to perform blind SSRF attacks