Unrated severityNVD Advisory· Published Apr 20, 2021· Updated Aug 4, 2024
CVE-2020-35313
CVE-2020-35313
Description
A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WonderCMS/WonderCMSdescription
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/160310/WonderCMS-3.1.3-Code-Execution-Server-Side-Request-Forgery.htmlmitrex_refsource_MISC
- zetc0de.github.io/post/authenticated-rce-ssrf-wondercms/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.