CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5877

The affiliate-toolkit WordPress plugin before 3.4.3 lacks authorization and authentication for requests to it's affiliate-toolkit-starter/tools/atkp_imagereceiver.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URL's, including RFC1918 private addresses, leading to a Server Side Request Forgery (SSRF) issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.2%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2023-5877

Servit » Affiliate-Toolkit » Version: N/A

cpe:2.3:a:servit:affiliate-toolkit:-
Servit » Affiliate-Toolkit » Version: 1.0

cpe:2.3:a:servit:affiliate-toolkit:1.0
Servit » Affiliate-Toolkit » Version: 1.1

cpe:2.3:a:servit:affiliate-toolkit:1.1
Servit » Affiliate-Toolkit » Version: 1.2

cpe:2.3:a:servit:affiliate-toolkit:1.2
Servit » Affiliate-Toolkit » Version: 1.3

cpe:2.3:a:servit:affiliate-toolkit:1.3
Servit » Affiliate-Toolkit » Version: 2.0

cpe:2.3:a:servit:affiliate-toolkit:2.0
Servit » Affiliate-Toolkit » Version: 2.1

cpe:2.3:a:servit:affiliate-toolkit:2.1
Servit » Affiliate-Toolkit » Version: 2.2

cpe:2.3:a:servit:affiliate-toolkit:2.2
Servit » Affiliate-Toolkit » Version: 2.6.6

cpe:2.3:a:servit:affiliate-toolkit:2.6.6
Servit » Affiliate-Toolkit » Version: 2.7.2

cpe:2.3:a:servit:affiliate-toolkit:2.7.2
Servit » Affiliate-Toolkit » Version: 2.7.3

cpe:2.3:a:servit:affiliate-toolkit:2.7.3
Servit » Affiliate-Toolkit » Version: 2.7.4

cpe:2.3:a:servit:affiliate-toolkit:2.7.4
Servit » Affiliate-Toolkit » Version: 2.7.5

cpe:2.3:a:servit:affiliate-toolkit:2.7.5
Servit » Affiliate-Toolkit » Version: 3.1.9

cpe:2.3:a:servit:affiliate-toolkit:3.1.9
Servit » Affiliate-Toolkit » Version: 3.2.0

cpe:2.3:a:servit:affiliate-toolkit:3.2.0
Servit » Affiliate-Toolkit » Version: 3.2.1

cpe:2.3:a:servit:affiliate-toolkit:3.2.1
Servit » Affiliate-Toolkit » Version: 3.2.2

cpe:2.3:a:servit:affiliate-toolkit:3.2.2
Servit » Affiliate-Toolkit » Version: 3.2.3

cpe:2.3:a:servit:affiliate-toolkit:3.2.3
Servit » Affiliate-Toolkit » Version: 3.2.4

cpe:2.3:a:servit:affiliate-toolkit:3.2.4
Servit » Affiliate-Toolkit » Version: 3.2.5

cpe:2.3:a:servit:affiliate-toolkit:3.2.5
Servit » Affiliate-Toolkit » Version: 3.2.6

cpe:2.3:a:servit:affiliate-toolkit:3.2.6
Servit » Affiliate-Toolkit » Version: 3.2.7

cpe:2.3:a:servit:affiliate-toolkit:3.2.7
Servit » Affiliate-Toolkit » Version: 3.2.8

cpe:2.3:a:servit:affiliate-toolkit:3.2.8
Servit » Affiliate-Toolkit » Version: 3.2.9

cpe:2.3:a:servit:affiliate-toolkit:3.2.9
Servit » Affiliate-Toolkit » Version: 3.3.0

cpe:2.3:a:servit:affiliate-toolkit:3.3.0
Servit » Affiliate-Toolkit » Version: 3.3.1

cpe:2.3:a:servit:affiliate-toolkit:3.3.1
Servit » Affiliate-Toolkit » Version: 3.3.2

cpe:2.3:a:servit:affiliate-toolkit:3.3.2
Servit » Affiliate-Toolkit » Version: 3.3.3

cpe:2.3:a:servit:affiliate-toolkit:3.3.3
Servit » Affiliate-Toolkit » Version: 3.3.4

cpe:2.3:a:servit:affiliate-toolkit:3.3.4
Servit » Affiliate-Toolkit » Version: 3.3.5

cpe:2.3:a:servit:affiliate-toolkit:3.3.5
Servit » Affiliate-Toolkit » Version: 3.3.6

cpe:2.3:a:servit:affiliate-toolkit:3.3.6
Servit » Affiliate-Toolkit » Version: 3.3.7

cpe:2.3:a:servit:affiliate-toolkit:3.3.7
Servit » Affiliate-Toolkit » Version: 3.3.8

cpe:2.3:a:servit:affiliate-toolkit:3.3.8
Servit » Affiliate-Toolkit » Version: 3.3.9

cpe:2.3:a:servit:affiliate-toolkit:3.3.9
Servit » Affiliate-Toolkit » Version: 3.4.0

cpe:2.3:a:servit:affiliate-toolkit:3.4.0
Servit » Affiliate-Toolkit » Version: 3.4.1

cpe:2.3:a:servit:affiliate-toolkit:3.4.1
Servit » Affiliate-Toolkit » Version: 3.4.2

cpe:2.3:a:servit:affiliate-toolkit:3.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5877

Products

Pricing

Contact Us