CVE-2024-56279
CVSS 3.1 Score 6.4 of 10 (medium)
Details
Summary
CVE-2024-56279 is a newly disclosed Server-Side Request Forgery (SSRF) vulnerability that affects the Compact WP Audio Player, which is used on Tips and Tricks HQ website. Attackers can exploit this flaw to make unauthorized server-side requests, potentially gaining access to sensitive information or performing unauthorized actions. The vulnerability exists in versions of the plugin from n/a through 1.9.14, and users are urged to update to a patched version as soon as possible. A successful exploit of this SSRF vulnerability could lead to significant security risks for affected systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Compact WP Audio Player Plugin