Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-02-20 | CVE-2025-1043 | The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. | 6.4 |
2025-02-19 | CVE-2025-27090 | Server-Side Request Forgery (SSRF) vulnerability in Bishopfox Sliver Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. | 5.3 |
2025-02-19 | CVE-2025-1447 | A vulnerability was found in kasuganosoras Pigeon 1.0.177. | 4.3 |
2025-02-18 | CVE-2024-13741 | Server-Side Request Forgery (SSRF) vulnerability in Metagauss Profilegrid The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Limited Server-Side Request Forgery in all versions up to, and including, 5.9.4.2 via the pm_upload_image function. | 5.4 |
2025-02-17 | CVE-2024-13879 | The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.2 due to insufficient validation on the webhook feature. | 5.5 |
2025-02-15 | CVE-2024-13834 | Server-Side Request Forgery (SSRF) vulnerability in Cyberchimps Responsive Addons The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remote_request' function. | 5.4 |
2025-02-11 | CVE-2024-52606 | Server-Side Request Forgery (SSRF) vulnerability in Solarwinds Platform SolarWinds Platform is affected by server-side request forgery vulnerability. | 9.8 |
2025-02-06 | CVE-2025-21177 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Dynamics 365 Sales Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network. | 8.8 |
2025-01-26 | CVE-2024-10705 | Server-Side Request Forgery (SSRF) vulnerability in Themeisle multiple Page Generator The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpg_download_file_by_link' function. | 8.1 |
2025-01-25 | CVE-2024-13450 | Server-Side Request Forgery (SSRF) vulnerability in Bitapps Contact Form Builder The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. | 6.5 |