WordPress Starter Templates Plugin <= 3.2.4 is vulnerable to Server Side Request Forgery (SSRF)
CVE-2023-41804

7.1HIGH

Key Information:

Vendor: Wordpress
Status: Starter Templates — Elementor, WordPress & Beaver Builder Templates
Vendor: CVE Published:; 7 December 2023

What is CVE-2023-41804?

The Starter Templates for Elementor and Beaver Builder, developed by Brainstorm Force, contains a Server-Side Request Forgery (SSRF) vulnerability. This flaw allows attackers to send crafted requests from the vulnerable server, potentially accessing internal systems or services that should remain protected. Versions up to 3.2.4 are susceptible, making it crucial for users of these templates to patch their installations promptly to mitigate potential security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 3.2.4

References

https://patchstack.com/database/vulnerability/astra-sites...

vdb-entry

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 7, 2023
Vulnerability Reserved
Sep 1, 2023

Credit

Rafie Muhammad (Patchstack)

JSON

Wordpress

What is CVE-2023-41804?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.