Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-20 | CVE-2024-12450 | Server-Side Request Forgery (SSRF) vulnerability in Infiniflow Ragflow 0.12.0 In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains multiple vulnerabilities. | 9.8 |
| 2025-03-18 | CVE-2024-49822 | IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). | 4.1 |
| 2025-03-12 | CVE-2024-13838 | Server-Side Request Forgery (SSRF) vulnerability in Uncannyowl Uncanny Automator The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.2 via the 'call_webhook' method of the Automator_Send_Webhook class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | 3.8 |
| 2025-03-11 | CVE-2025-2192 | A vulnerability, which was classified as problematic, was found in Stoque Zeev.it 4.24. | 4.3 |
| 2025-03-11 | CVE-2025-27430 | Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allows an attacker with low privileges to access restricted information. | 3.5 |
| 2025-03-09 | CVE-2025-2116 | A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. | 4.3 |
| 2025-03-08 | CVE-2024-13924 | Server-Side Request Forgery (SSRF) vulnerability in Fancywp Starter Templates The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'http_request_host_is_external' filter. | 9.1 |
| 2025-03-07 | CVE-2024-13857 | The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. | 5.5 |
| 2025-03-07 | CVE-2024-13904 | Server-Side Request Forgery (SSRF) vulnerability in Platformly Platform.Ly for Woocommerce The Platform.ly for WooCommerce plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.6 via the 'hooks' function. | 9.1 |
| 2025-03-03 | CVE-2025-27501 | Server-Side Request Forgery (SSRF) vulnerability in Openziti OpenZiti is a free and open source project focused on bringing zero trust to any application. | 8.6 |