CVE-2024-37208 MEDIUM

CVE-2024-37208: WordPress WP Scraper plugin <= 5.7 - Server Side Request Forgery (SSRF) vulnerability

Vendor Robert Macchi
Product WP Scraper
Weakness CWE-918 · SSRF
Published July 6, 2024
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

4.9/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper.This issue affects WP Scraper: from n/a through 5.7.

Key dates

02Disclosure timeline

July 6, 2024 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-49094 Symbolicator Server Side Request Forgery vulnerability CVE-2024-12989 WISI Tangram GT31 HTTP Request server-side request forgery CVE-2025-8527 Exrick xboot Swagger SecurityController.java server-side request forgery CVE-2026-33675 Vikunja has SSRF via Todoist/Trello Migration File Attachment URLs that Allows Reading Internal Network Resources CVE-2025-12388 B Carousel Block – Responsive Image and Content Carousel <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery