Lucene search
China National Vulnerability DatabaseCNVD-2022-59811HistoryMay 07, 2022 - 12:00 a.m.
WordPress HubSpot plugin server-side request forgery vulnerability
2022-05-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
wordpress
hubspot
php
ssrf
vulnerability
server-side request forgery
rest endpoint
exploit
attack
EPSS
0.001
Percentile
42.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress HubSpot plugin prior to 8.8.15 are vulnerable to server-side request forgery, which stems from the plugin’s failure to validate the proxy URL provided to the proxy REST endpoint. An attacker with the edit_posts feature could exploit this vulnerability to perform server-side request forgery attacks.
Related
prion
prion
Server side request forgery (ssrf)
2022-05-02 16:15:00
wpvulndb
wpvulndb
HubSpot < 8.8.15 - Contributor+ Blind SSRF
2022-04-11 00:00:00
wpexploit
wpexploit
HubSpot < 8.8.15 - Contributor+ Blind SSRF
2022-04-11 00:00:00
openvas
openvas
WordPress HubSpot Plugin < 8.8.15 SSRF Vulnerability
2022-05-11 00:00:00
cve
cve
CVE-2022-1239
2022-05-02 16:15:08
cvelist
cvelist
CVE-2022-1239 HubSpot < 8.8.15 - Contributor+ Blind SSRF
2022-05-02 16:05:49
nvd
nvd
CVE-2022-1239
2022-05-02 16:15:08
patchstack
patchstack