CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
What the vulnerability does
The Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.28 due to insufficient validation of user-supplied URLs in the 'audio_url' parameter. This makes it possible for authenticated attackers, with Administrator-level access, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Explanation of Vulnerability in Simple Terms
Church Admin versions up to 5.0.28 contain a server-side request forgery vulnerability that allows high-privilege users to make the site send requests to internal or external systems. The vulnerability requires administrator access and high attack complexity. Impact is limited to minor integrity changes. Update to a version newer than 5.0.28.
What an attacker can do
Make the site send HTTP requests to internal systems or external servers on the attacker's behalf.
Potential impact on your site
An admin account could be misused to probe internal networks or interact with external services, but data theft is not possible.
Conditions required to exploit
Attacker must have administrator-level access to Church Admin and exploit requires specific technical conditions.
Key dates
External resources
Related vulnerabilities
