| 2025-03-12 | CVE-2024-13838 | Server-Side Request Forgery (SSRF) vulnerability in Uncannyowl Uncanny Automator
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.2 via the 'call_webhook' method of the Automator_Send_Webhook class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | 3.8 |
| 2025-03-11 | CVE-2025-2192 | A vulnerability, which was classified as problematic, was found in Stoque Zeev.it 4.24. | 4.3 |
| 2025-03-11 | CVE-2025-27430 | Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allows an attacker with low privileges to access restricted information. | 3.5 |
| 2025-03-09 | CVE-2025-2116 | A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. | 4.3 |
| 2025-03-08 | CVE-2024-13924 | Server-Side Request Forgery (SSRF) vulnerability in Fancywp Starter Templates
The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'http_request_host_is_external' filter. | 9.1 |
| 2025-03-07 | CVE-2024-13857 | The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. | 5.5 |
| 2025-03-07 | CVE-2024-13904 | Server-Side Request Forgery (SSRF) vulnerability in Platformly Platform.Ly for Woocommerce
The Platform.ly for WooCommerce plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.6 via the 'hooks' function. | 9.1 |
| 2025-03-03 | CVE-2025-25301 | Server-Side Request Forgery (SSRF) vulnerability in Danielgatis Rembg
Rembg is a tool to remove images background. | 7.5 |
| 2025-03-01 | CVE-2024-13697 | The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.4 via the 'nice_links'. | 4.8 |
| 2025-02-28 | CVE-2025-1662 | Server-Side Request Forgery (SSRF) vulnerability in Apprhyme URL Media Uploader
The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.0 via the 'url_media_uploader_url_upload' action. | 6.4 |