Medium severity6.3NVD Advisory· Published Nov 14, 2025· Updated Apr 29, 2026
CVE-2025-13174
CVE-2025-13174
Description
A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function do_job of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument web_hook_url can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.