Medium severity5.4NVD Advisory· Published Feb 26, 2024· Updated Apr 8, 2026
CVE-2024-1758
CVE-2024-1758
Description
The SuperFaktura WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.40.3 via the wc_sf_url_check function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. CVE-2024-32803 appears to be a duplicate of this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:superfaktura:superfaktura_woocommerce:*:*:*:*:*:wordpress:*:*Range: <1.40.4
- Range: <=1.40.3
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.