The WP STAGING WordPress Backup Plugin WordPress plugin before 3.5.0 does not prevent users with the administrator role from pinging conducting SSRF attacks, which may be a problem in multisite configurations.
CVE ID: CVE-2024-4469
Vendor: Unknown
Product: WP STAGING WordPress Backup Plugin
EPSS Score: 0.12% (probability of being exploited)
EPSS Percentile: 32.6% (scored less or equal to compared to others)
EPSS Date: 2025-04-16 (when was this score calculated)
SSVC Exploitation: poc
SSVC Technical Impact: total
SSVC Automatable: true