Low risk vulnerability?

  • Resolved John

    (@dsl225)


    1 month, 2 weeks ago

    Hello,

    Just got this today, FYI:
    WordPress Visual Link Preview plugin <= 2.3.0 – Server Side Request Forgery (SSRF) vulnerability

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Brecht

    (@brechtvds)

    1 month, 2 weeks ago

    Hi there,

    Thanks for letting me know! I was not contacted about this by Patchstack, so I wasn’t aware of this security report.

    I just released Visual Link Preview 2.3.1 that should fix things.

    Take note that the issue could only be exploited by someone who had already been granted trusted access to the site with the capability to edit posts, so the actual risk should be negligible for most sites.

    Kind regards,
    Brecht

    Thread Starter John

    (@dsl225)

    1 month, 2 weeks ago

    Great, many thanks for your prompt reaction!
    I hesitated to post this, thinking you’ll be flooded with “me too” messages but I was wrong…

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.