CVE-2024-23825

Published: Jan 30, 2024Modified: Nov 21, 2024

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

TablePress is a table plugin for Wordpress. For importing tables, TablePress makes external HTTP requests based on a URL that is provided by the user. That user input is filtered insufficiently, which makes it is possible to send requests to unintended network locations and receive responses. On sites in a cloud environment like AWS, an attacker can potentially make GET requests to the instance's metadata REST API. If the instance's configuration is insecure, this can lead to the exposure of internal data, including credentials. This vulnerability is fixed in 2.2.5.

Affected (1)

Products: Tablepress: Tablepress

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tablepress Tablepress	Before 2.2.5

Related CWEs

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (4)

https://github.com/TablePress/TablePress/commit/62aab50e7a9c486caaeff26dff4dc01e059ecb91

Source: security-advisories@github.com

Patch

https://github.com/TablePress/TablePress/security/advisories/GHSA-x8rf-c8x6-mrpg

Source: security-advisories@github.com

ExploitVendor Advisory

https://github.com/TablePress/TablePress/commit/62aab50e7a9c486caaeff26dff4dc01e059ecb91

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://github.com/TablePress/TablePress/security/advisories/GHSA-x8rf-c8x6-mrpg

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.