CVE-2020-35313

A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installer.
Configurations

Configuration 1

cpe:2.3:a:wondercms:wondercms:3.1.3:*:*:*:*:*:*:*

Information

Published : 2021-04-20 08:15

Updated : 2021-04-23 09:18


NVD link : CVE-2020-35313

Mitre link : CVE-2020-35313

Products Affected
No products.
CWE
CWE-918

Server-Side Request Forgery (SSRF)