CVE-2024-32803

MEDIUM

SuperFaktura WooCommerce <= 1.40.3 - Server-Side Request Forgery

Title source: manual

Description

Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon SuperFaktura WooCommerce.This issue affects SuperFaktura WooCommerce: from n/a through 1.40.3.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/woocommerce-superfaktura/wordpress-superfaktura-woocommerce-plugin-1-40-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

Scores

CVSS v3 6.4

EPSS 0.0038

EPSS Percentile 30.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-918

Status published

Products (1)

2day.sk, Webikon/SuperFaktura WooCommerce < 1.40.3

Published Apr 24, 2024

Tracked Since Feb 18, 2026