The Craw Data WordPress plugin through 1.0.0 does not implement nonce checks, which could allow attackers to make a logged in admin change the url value performing unwanted crawls on third-party sites (SSRF).
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku
Kaynak: National Vulnerability Database