WordPress Plugin Vulnerabilities

Shortcodes Ultimate < 5.12.7 - Subscriber+ SSRF

Description

The plugin does not validate the url attribute of its su_csv_table shortcode before making a request to it, which could allow any authenticated users, such as subscriber to perform SSRF attacks

Affects Plugins

Plugin icon
shortcodes-ultimate
Fixed in 5.12.7

References

CVE
CVE-2023-23800

Classification

Type
SSRF
OWASP top 10
A1: Injection
CWE
CWE-918
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Rafie Muhammad
Verified
No
WPVDB ID
f81d7f0b-0b7b-4d4c-88c3-0b8f2ee24bce

Timeline

Publicly Published
2023-02-10 (about 3 years ago)
Added
2023-03-30 (about 3 years ago)
Last Updated
2023-03-30 (about 3 years ago)

Other

Published
Title
Published
2025-10-03
Title
Orbit Fox < 3.0.2 - Author+ Server-Side Request Forgery
Published
2025-01-27
Title
Oshine Modules < 3.3.8 - Unauthenticated Server-Side Request Forgery
Published
2025-12-15
Title
Kerge < 4.1.4 - Unauthenticated Server-Side Request Forgery
Published
2025-10-23
Title
Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers < 2.1.5 - Unauthenticated Server-Side Request Forgery
Published
2026-03-20
Title
Performance Monitor <= 1.0.6 - Unauthenticated Server-Side Request Forgery via 'url' Parameter