TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2025-46531

MEDIUM
4.9

Beschreibung

Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper (formerly WPFlyLeads) allows Server Side Request Forgery. This issue affects WP AVCL Automation Helper (formerly WPFlyLeads): from n/a through 3.4.

CVE Details

CVSS v3.1 Bewertung4.9
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatHIGH
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht4/24/2025
Zuletzt geandert4/29/2025
Quellenvd
Honeypot-Sichtungen0

Schwachen (CWE)

CWE-918

Referenzen

https://patchstack.com/database/wordpress/plugin/woozap/vulnerability/wordpress-wp-avcl-automation-helper-formerly-wpflyleads-3-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve(audit@patchstack.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.