Lucene search
IBLISS Digital SecurityWPVDB-ID:1B640519-75E1-48CB-944E-B9BFF9DE6D3DHistoryJun 02, 2022 - 12:00 a.m.
WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF
2022-06-0200:00:00
IBLISS Digital Security
wpscan.com
14
csv importer
ssrf
vulnerability
admin
validation
http request
privilege escalation
EPSS
0.001
Percentile
38.3%
The plugin does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks
PoC
Put an internal/LAN URL such as below in the file upload by URL function https://127.0.0.1:8080 http://192.168.0.224:8181/?u=https://docs.google.com/
Related
cvelist
cvelist
CVE-2022-1977 WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF
2022-06-27 08:59:05
nvd
nvd
CVE-2022-1977
2022-06-27 09:15:10
cnvd
cnvd
WordPress WP Ultimate CSV Importer跨站请求伪造漏洞
2022-06-30 00:00:00
prion
prion
Server side request forgery (ssrf)
2022-06-27 09:15:00
patchstack
patchstack
cve
cve
CVE-2022-1977
2022-06-27 09:15:10
wpexploit
wpexploit
WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF
2022-06-02 00:00:00