Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-19 | CVE-2025-1447 | A vulnerability was found in kasuganosoras Pigeon 1.0.177. | 4.3 |
| 2025-02-18 | CVE-2024-13741 | Server-Side Request Forgery (SSRF) vulnerability in Metagauss Profilegrid The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Limited Server-Side Request Forgery in all versions up to, and including, 5.9.4.2 via the pm_upload_image function. | 5.4 |
| 2025-02-17 | CVE-2024-13879 | The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.2 due to insufficient validation on the webhook feature. | 5.5 |
| 2025-02-15 | CVE-2024-13834 | Server-Side Request Forgery (SSRF) vulnerability in Cyberchimps Responsive Addons The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remote_request' function. | 5.4 |
| 2025-02-11 | CVE-2024-52606 | Server-Side Request Forgery (SSRF) vulnerability in Solarwinds Platform SolarWinds Platform is affected by server-side request forgery vulnerability. | 9.8 |
| 2025-02-06 | CVE-2025-21177 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Dynamics 365 Sales Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network. | 8.8 |
| 2025-01-26 | CVE-2024-10705 | Server-Side Request Forgery (SSRF) vulnerability in Themeisle multiple Page Generator The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpg_download_file_by_link' function. | 8.1 |
| 2025-01-25 | CVE-2024-13450 | Server-Side Request Forgery (SSRF) vulnerability in Bitapps Contact Form Builder The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. | 6.5 |
| 2025-01-24 | CVE-2024-11913 | Server-Side Request Forgery (SSRF) vulnerability in Buddydev Activity Plus Reloaded for Buddypress The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.1 via the 'ajax_preview_link' function. | 5.4 |
| 2025-01-22 | CVE-2024-13360 | Server-Side Request Forgery (SSRF) vulnerability in Aipower The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicg_troubleshoot_add_vector(). | 5.4 |