cve/2019/CVE-2019-16932.md

CVE-2019-16932

Description

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

POC

Reference

• https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf
• https://wpvulndb.com/vulnerabilities/9892

Github

• https://github.com/20142995/nuclei-templates
• https://github.com/ARPSyndicate/cve-scores
• https://github.com/ARPSyndicate/kenzer-templates