CVE-2024-37098

Description

Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter.This issue affects BlossomThemes Email Newsletter: from n/a through 2.2.6.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Affected products

Blossom Themes / BlossomThemes Email Newslettern/a – 2.2.6

References

MISChttps://patchstack.com/database/vulnerability/blossomthemes-email-newsletter/wordpress-blossomthemes-email-newsletter-plugin-2-2-7-server-side-request-forgery-ssrf-vulnerability?_s_id=cve