CVE-2025-14610
TableMaster · TableMaster for Elementor plugin for WordPress
Executive summary
A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the TableMaster for Elementor WordPress plugin. This flaw could allow an unauthenticated attacker to trick the website's server into making unauthorized requests to internal network resources or external services. Successful exploitation could lead to internal network scanning, sensitive information disclosure, and bypassing network security controls.
Vulnerability
The vulnerability is a Server-Side Request Forgery (SSRF) flaw within the TableMaster for Elementor plugin. An attacker can craft a malicious request to the web server, manipulating a feature in the plugin that fetches data from external URLs. This forces the server to initiate a new connection to an arbitrary destination chosen by the attacker, effectively using the server as a proxy. This could be exploited to scan internal networks, access sensitive cloud metadata services (e.g., AWS EC2 metadata endpoint), or interact with other internal services that are not exposed to the internet but are accessible from the web server itself.
Business impact
This vulnerability is rated as High severity with a CVSS score of 7.2, posing a significant risk to the organization. Exploitation can lead to the exposure of sensitive internal data, including configuration files, database credentials, or cloud provider access keys. An attacker could use this vulnerability to map the internal network topology, identify running services, and potentially pivot to other systems within the corporate network. This bypasses traditional firewall protections, as the malicious requests originate from a trusted internal server, potentially leading to a full network compromise.
Remediation
Immediate Action: Immediately update the "TableMaster for Elementor" plugin to the latest patched version provided by the developer. If the plugin is not actively used or essential for business operations, the most secure course of action is to deactivate and remove it completely from the WordPress installation.
Proactive Monitoring: Monitor the web server's outbound network traffic for any unusual requests, particularly those directed to internal IP address ranges (e.g., 10.0.0.0/8, 192.168.0.0/16) or known cloud metadata endpoints (169.254.169.254). Review web server access logs for anomalous requests targeting the plugin's functionality that may indicate scanning or exploitation attempts.
Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with rules designed to detect and block common SSRF attack patterns. Additionally, configure strict egress filtering rules on the server's host-based firewall to deny all outbound connections by default, only allowing traffic to explicitly approved services and IP addresses.
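As an added example (not part of this advisory, and not the plugin's or the vendor's code), the following Python script turns the monitoring guidance above into a check that can be run over outbound-request logs: it flags destinations in loopback, link-local or private ranges and the 169.254.169.254 metadata endpoint, and handles IPv4-mapped IPv6 literals. The log line format and the sample URLs are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# 169.254.169.254 is the EC2 metadata endpoint named in the advisory (link-local, but named explicitly).
METADATA_HOSTS = {"169.254.169.254"}

def classify_ip(ip):
    """Return why an address is internal, or None if it is a routable public address."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        return classify_ip(ip.ipv4_mapped)  # ::ffff:a.b.c.d is really an IPv4 target
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_private:
        return "private-range"  # RFC 1918 / ULA, e.g. 10.0.0.0/8, 192.168.0.0/16
    return None

def classify_destination(url):
    """Return a reason string when url targets an internal destination, else None."""
    host = urlsplit(url).hostname
    if not host:
        return "unparseable-host"
    if host in METADATA_HOSTS:
        return "cloud-metadata"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # DNS name: resolve it and run classify_ip() on every returned address before connecting.
        return None
    return classify_ip(ip)

def flag_egress_log(lines):
    """Return (url, reason) for each log line whose destination is internal."""
    hits = []
    for line in lines:
        fields = line.split()  # assumed format: <timestamp> <process> outbound <url>
        if len(fields) >= 4 and fields[2] == "outbound":
            reason = classify_destination(fields[3])
            if reason:
                hits.append((fields[3], reason))
    return hits

# Constructed sample lines: one benign fetch and three SSRF-style destinations.
SAMPLE_LOG = [
    "2025-01-10T12:00:01Z php-fpm[2231] outbound https://api.example.com/table.json",
    "2025-01-10T12:00:07Z php-fpm[2231] outbound http://169.254.169.254/latest/meta-data/",
    "2025-01-10T12:00:09Z php-fpm[2231] outbound http://10.0.0.5:8080/admin",
    "2025-01-10T12:00:11Z php-fpm[2231] outbound http://[::ffff:192.168.1.10]/",
]
```

The same classify_ip() check, applied to every resolved address just before a connection is opened, is the application-side counterpart of the host-based egress filtering described above.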
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high severity (CVSS 7.2) of this vulnerability and its potential for exposing internal network resources, immediate action is required. Organizations must prioritize applying the vendor-supplied patch by updating the TableMaster for Elementor plugin without delay. Although this CVE is not currently listed in the CISA KEV catalog, the risk of information disclosure and internal network pivoting is substantial. If the plugin is not critical, the recommended course of action is its complete removal to eliminate this attack vector.