CVE-2024-56279

CVSS 3.1 Score 6.4 of 10 (medium)

Details

Published Jan 7, 2025
CWE ID 918

Summary

CVE-2024-56279 is a newly disclosed Server-Side Request Forgery (SSRF) vulnerability that affects the Compact WP Audio Player, which is used on Tips and Tricks HQ website. Attackers can exploit this flaw to make unauthorized server-side requests, potentially gaining access to sensitive information or performing unauthorized actions. The vulnerability exists in versions of the plugin from n/a through 1.9.14, and users are urged to update to a patched version as soon as possible. A successful exploit of this SSRF vulnerability could lead to significant security risks for affected systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share