VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Server-Side Request Forgery (SSRF)
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-14
CVE-2025-3572
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server.
network
low complexity
CWE-918
7.5
7.5
2025-04-05
CVE-2025-32358
Server-Side Request Forgery (SSRF) vulnerability in Zammad 6.4.0/6.4.1
In Zammad 6.4.x before 6.4.2, SSRF can occur.
network
low complexity
zammad
CWE-918
4.1
4.1
2025-04-04
CVE-2025-3254
A vulnerability was found in xujiangfei admintwo 1.0.
network
low complexity
CWE-918
6.3
6.3
2025-03-31
CVE-2025-2997
A vulnerability was found in zhangyanbo2007 youkefu 4.2.0.
network
low complexity
CWE-918
6.3
6.3
2025-03-26
CVE-2024-13411
The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5.1 via the updated_user() function.
network
low complexity
CWE-918
6.4
6.4
2025-03-26
CVE-2025-1912
The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.0 via the validate_file() Function.
network
low complexity
CWE-918
7.6
7.6
2025-03-25
CVE-2025-2109
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.30.15 via the init() function.
network
low complexity
CWE-918
5.8
5.8
2025-03-22
CVE-2025-1970
The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.2 via the validate_file() function.
network
low complexity
CWE-918
7.6
7.6
2025-03-22
CVE-2024-13856
The Your Friendly Drag and Drop Page Builder — Make Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.10 via the make_builder_ajax_subscribe() function.
network
low complexity
CWE-918
6.4
6.4
2025-03-20
CVE-2024-13923
Server-Side Request Forgery (SSRF) vulnerability in Webtoffee Order Export & Order Import for Woocommerce
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.0 via the validate_file() function.
network
low complexity
webtoffee
CWE-918
6.5
6.5
«
1
(current)
2
3
4
5
...
93
94
»
Next