Nelio Content
Monthly
Server-Side Request Forgery (SSRF) in Nelio Content WordPress plugin through version 4.3.1 allows authenticated attackers to make arbitrary HTTP requests from the vulnerable server, potentially accessing internal services and exfiltrating sensitive data. The vulnerability requires authenticated access (PR:L) and high attack complexity (AC:H), limiting real-world risk despite affecting all versions up to 4.3.1. No public exploit code or active exploitation has been confirmed; EPSS score of 0.02% (4th percentile) indicates very low exploitation probability.
Server-Side Request Forgery (SSRF) in Nelio Content WordPress plugin through version 4.3.1 allows authenticated attackers to make arbitrary HTTP requests from the vulnerable server, potentially accessing internal services and exfiltrating sensitive data. The vulnerability requires authenticated access (PR:L) and high attack complexity (AC:H), limiting real-world risk despite affecting all versions up to 4.3.1. No public exploit code or active exploitation has been confirmed; EPSS score of 0.02% (4th percentile) indicates very low exploitation probability.