Vulnerability DatabaseCVE-2022-3708
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2022-3708
October 28, 2022
The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including 1.24.0 due to insufficient validation of URLs supplied via the 'url' parameter found via the /v1/hotlink/proxy REST API Endpoint. This makes it possible for authenticated users to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Related ResourcesĀ (5)
https://github.com/GoogleForCreators/web-stories-wp/commit/3ad2099f95155d658624ffac2e34ce0da739e34b
https://wordpress.org/plugins/web-stories
https://www.wordfence.com/threat-intel/vulnerabilities/id/7817a840-325a-4709-8374-84bb32d98d0e?source=cve
https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-3708
https://github.com/GoogleForCreators/web-stories-wp/compare/v1.24.0...v1.25.0
Do you need more information?
Contact Us
CVSS v4
Base Score:
9.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
NONE
Subsequent System Confidentiality
HIGH
Subsequent System Integrity
HIGH
Subsequent System Availability
NONE
CVSS v3
Base Score:
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE
Weakness Type (CWE)
Server-Side Request Forgery (SSRF)
CWE-918
EPSS
Base Score:
0.59