Themes Vulnerabilities

CAS <= 1.0.0 - Unauthenticated SSRF

Description

The plugin does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attack

Proof of Concept

Affects Themes

cas
No known fix

References

CVE
CVE-2024-4399

Classification

Type
SSRF
OWASP top 10
A1: Injection
CWE
CWE-918
CVSS
8.6 (high)

Miscellaneous

Original Researcher
Aly Khaled Aly Abd Al-aal
Submitter
Aly Khaled Aly Abd Al-aal
Submitter website
https://0x41ly.github.io/
Submitter twitter
Aly_Khal3d
Verified
Yes
WPVDB ID
0690327e-da60-4d71-8b3c-ac9533d82302

Timeline

Publicly Published
2024-05-02 (about 1 year ago)
Added
2024-05-02 (about 1 year ago)
Last Updated
2024-05-02 (about 1 year ago)

Other

Published
Title
Published
2024-03-20
Title
Avada < 7.11.7 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action
Published
2025-05-07
Title
WebinarPress <= 1.33.27 - Authenticated (Administrator+) Server-Side Request Forgery
Published
2025-11-23
Title
Shortcodes Ultimate < 7.4.6 - Admin+ SSRF
Published
2025-01-24
Title
Contact Form by Bit Form < 2.17.5 - Authenticated (Administrator+) Server-Side Request Forgery
Published
2025-07-10
Title
Ultimate Video Player WordPress & WooCommerce Plugin <= 10.1 - Unauthenticated Server-Side Request Forgery