Analysis of WonderCMS 3.1.3 Vulnerable to Authenticated SSRF (opens in new tab)

The WonderCMS 3.1.3 is vulnerable to authenticated server-side request forgery (SSRF) through the installed themes and plugins. An attacker should have a legitimate authenticated session on the CMS to exploit the vulnerability.