The Page Builder Gutenberg Blocks WordPress plugin before 3.1.12 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks.
Metrics
Affected Vendors & Products
References
History
Fri, 16 May 2025 13:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Godaddy
Godaddy coblocks |
|
Weaknesses | CWE-918 | |
CPEs | cpe:2.3:a:godaddy:coblocks:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Godaddy
Godaddy coblocks |

Status: PUBLISHED
Assigner: WPScan
Published: 2024-07-23T06:00:02.295Z
Updated: 2024-08-01T20:33:52.992Z
Reserved: 2024-04-26T14:47:07.157Z
Link: CVE-2024-4260

Updated: 2024-08-01T20:33:52.992Z

Status : Analyzed
Published: 2024-07-23T06:15:09.907
Modified: 2025-05-16T12:44:21.013
Link: CVE-2024-4260

No data.