CVE-2019-16932

Critical

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

mitre·CWE-918·Published 2019-09-30

CVSS

10.0

EPSS

0.39

KEV

Exploits

cve.orgen

124 chars

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

NVDen

124 chars

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

Se presenta una vulnerabilidad de SSRF ciega en el plugin Visualizer versiones anteriores a 3.3.1 para WordPress por medio del archivo wp-json/visualizer/v1/upload-data.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
3.1	Primary	NVD	10.0	3.9	5.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N