CVE-2020-24147
Description
Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress.
VulnerabilityType Other
Server-side request forgery
Vendor of Product
Xylus Themes
Affected Product Code Base
Wordpress Plugin: wp-smart-import - 1.0.0
Attack Type
Remote
Impact Denial of Service
true
Impact Information Disclosure
true
Reference
- https://wordpress.org/plugins/wp-smart-import/#developers
- https://github.com/secwx/research/blob/main/cve/CVE-2020-24147.md
Has vendor confirmed or acknowledged the vulnerability?
true
Discoverer
Suzhou Aurora Infinity Information Technology Co., Ltd.