Filtered by vendor Surniaulula Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-6991 1 Surniaulula 1 Jsm File Get Contents\(\) Shortcode 2024-11-21 8.8 High
The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks.