Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-09 | CVE-2024-10814 | The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5 via the ce_get_file() function. | 6.4 |
| 2024-11-06 | CVE-2024-20531 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Identity Services Engine A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side request forgery (SSRF) attack through an affected device. | 6.5 |
| 2024-11-05 | CVE-2024-51740 | Server-Side Request Forgery (SSRF) vulnerability in Combodo Itop Combodo iTop is a simple, web based IT Service Management tool. | 8.8 |
| 2024-11-04 | CVE-2024-51408 | Server-Side Request Forgery (SSRF) vulnerability in Appsmith AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials. | 6.5 |
| 2024-11-04 | CVE-2024-51665 | Server-Side Request Forgery (SSRF) vulnerability in Wpthemespace Magical Addons for Elementor Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through 1.2.1. | 4.3 |
| 2024-10-22 | CVE-2024-45518 | Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. | 8.8 |
| 2024-10-16 | CVE-2012-10018 | The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including 6.1, 1.0 respectively. | 8.3 |
| 2024-10-11 | CVE-2024-47830 | Server-Side Request Forgery (SSRF) vulnerability in Plane Plane is an open-source project management tool. | 5.8 |
| 2024-10-10 | CVE-2024-47167 | Server-Side Request Forgery (SSRF) vulnerability in Gradio Project Gradio Gradio is an open-source Python package designed for quick prototyping. | 9.8 |
| 2024-10-10 | CVE-2024-45119 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. | 4.9 |