VYPR

plugin:focus

by WordPress

CVEs (1)

  • CVE-2024-3448MedApr 10, 2024
    risk 0.33cvss 5.0epss 0.00

    Users with low privileges can perform certain AJAX actions. In this vulnerability instance, improper access to ajax?action=plugin:focus:checkIframeAvailability leads to a Server-Side Request Forgery by analyzing the error messages returned from the back-end. Allowing an…