Wpget Api – Connect To Any External Rest Api
Approved changes feed: RSS · Atom
cpe:2.3:a:davidanderson:wpget_api_–_connect_to_any_external_rest_api:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Davidanderson (cd5b714b-c39d-52de-94ce-1764b588bf76) |
|---|---|
| Product | Wpget Api – Connect To Any External Rest Api (c67d72ce-24b9-5e68-94d9-da72a14df397) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-13857 |
vulnerable | 2026-06-08 06:25:38.637422 |
WPGet API <= 2.2.10 - Authenticated (Administrator+) Server-Side Request Forgery
MEDIUM (5.5)
The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.
Published: 2025-03-07T09:21:14.921Z
Updated: 2026-04-08T17:23:59.917Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.