Server-Side Request Forgery in WP Smart Import Plugin for WordPress
CVE-2020-24147
9.1CRITICAL
What is CVE-2020-24147?
The WP Smart Import plugin for WordPress is susceptible to a server-side request forgery (SSR) vulnerability through its file field feature. This flaw allows attackers to make unauthorized requests to internal services, potentially leading to data exposure or manipulation. Users of the plugin should take immediate action to mitigate risks associated with this security issue.