1Oca
CVE-2023-5877 | WP-FeedStats affiliate-toolkit Plugin up to 3.4.2 on WordPress atkp_imagereceiver.php server-side request forgery
A vulnerability was found in WP-FeedStats affiliate-toolkit Plugin up to 3.4.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the file affiliate-toolkit-starter/tools/atkp_imagereceiver.php. The manipulation leads to server-side request forgery. This vulnerability is handled as CVE-2023-5877. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.