TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2025-49985

MEDIUM
4.9

Beschreibung

Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images allows Server Side Request Forgery. This issue affects Auto Upload Images: from n/a through 3.3.2.

CVE Details

CVSS v3.1 Bewertung4.9
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatHIGH
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht6/20/2025
Zuletzt geandert6/23/2025
Quellenvd
Honeypot-Sichtungen0

Schwachen (CWE)

CWE-918

Referenzen

https://patchstack.com/database/wordpress/plugin/auto-upload-images/vulnerability/wordpress-auto-upload-images-plugin-3-3-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve(audit@patchstack.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.