Server-Side Request Forgery (SSRF) Vulnerability Affects BlossomThemes Email Newsletter
CVE-2024-37098

4.4MEDIUM

Key Information:

Vendor
WordPress
Status
Blossomthemes Email Newsletter
Vendor
CVE Published:
26 June 2024

Summary

Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6.

Affected Version(s)

BlossomThemes Email Newsletter <= 2.2.6

References

https://patchstack.com/database/vulnerability/blossomthem...
vdb-entry

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Yuchen Ji (Patchstack Alliance)
.