CVE-2020-24148
Description
Server-side request forgery (SSRF) in the Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 for WordPress.
VulnerabilityType Other
Server-side request forgery
Vendor of Product
Moove Agency
Affected Product Code Base
Wordpress plugin: import-xml-feed - 2.0.1
Attack Type
Remote
Impact Denial of Service
true
Impact Information Disclosure
true
Reference
- https://wordpress.org/plugins/import-xml-feed/#developers
- https://github.com/secwx/research/blob/main/cve/CVE-2020-24143.md
Has vendor confirmed or acknowledged the vulnerability?
true
Discoverer
Suzhou Aurora Infinity Information Technology Co., Ltd.