CVE-2022-1751

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Aug 17, 2024

Updated: Aug 19, 2024

CWE ID 918

Summary

CVE-2022-1751 is a Server-Side Request Forgery (SSRF) vulnerability affecting the Skitter Slideshow plugin for WordPress. This issue impacts versions up to and including 2.5.2. An attacker can exploit this weakness by sending specially crafted requests to the /image.php file. Successful exploitation allows the attacker to make web requests from the vulnerable application, potentially enabling them to query and modify data from internal services. This poses a significant risk, as unauthenticated attackers can gain unauthorized access to sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x09NkK
https://www.cve.org/CVERecord?id=CVE-2022-1751
https://nvd.nist.gov/vuln/detail/CVE-2022-1751

Back to Vulnerability Database

CVE-2022-1751

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations