Vulnerabilities > CVE-2025-47548 - Server-Side Request Forgery (SSRF) vulnerability in Wbcomdesigns Activity Link Preview for Buddypress

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wbcomdesigns

CWE-918

critical

NVD

Published: 2025-05-07

Updated: 2025-05-12

Summary

Server-Side Request Forgery (SSRF) vulnerability in Varun Dubey Wbcom Designs - Activity Link Preview For BuddyPress allows Server Side Request Forgery. This issue affects Wbcom Designs - Activity Link Preview For BuddyPress: from n/a through 1.4.4.

Vulnerable Configurations

Part	Description	Count
Application	Wbcomdesigns Wbcomdesigns Activity Link Preview FOR Buddypress *	1

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

References

https://patchstack.com/database/wordpress/plugin/activity-link-preview-for-buddypress/vulnerability/wordpress-wbcom-designs-activity-link-preview-for-buddypress-1-4-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve