CVE-2022-1037

CVE-2022-1037: EXMAGE < 1.0.7 - Admin+ Blind SSRF

Vendor Unknown
Product EXMAGE – WordPress Image Links
Weakness CWE-918 · SSRF
Published April 18, 2022
Last update August 2, 2024

CVSS base score

What the vulnerability does

01Description

The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs

Key dates

02Disclosure timeline

April 18, 2022 CVE published
August 2, 2024 Record updated