
CWE-918

Server-Side Request Forgery (SSRF)

Abstraction: Base; Status: Incomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664

CVEs mapped to this weakness (1,583)

page 33 of 80
  • CVE-2025-52163 (Medium, Jul 18, 2025)
    risk 0.42; CVSS 6.5; EPSS 0.00

    A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows attackers to forcefully initiate connections to arbitrary internal and external resources via a crafted request. This can lead to sensitive data…

  • CVE-2025-52713 (Medium, Jun 20, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    Server-Side Request Forgery (SSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Server Side Request Forgery. This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.8.

  • CVE-2025-47484 (Medium, May 7, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Oliver Campion Display Remote Posts Block display-remote-posts-block allows Server Side Request Forgery. This issue affects Display Remote Posts Block: from n/a through <= 1.1.0.

  • CVE-2025-46511 (Medium, Apr 24, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through <= 0.7.1.

  • CVE-2025-31527 (Medium, Mar 31, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview wp-link-preview allows Server Side Request Forgery. This issue affects WP Link Preview: from n/a through <= 1.4.1.

  • CVE-2025-28094 (Medium, Mar 28, 2025)
    risk 0.42; CVSS 6.5; EPSS 0.00

    shopxo v6.4.0 has an SSRF/XSS vulnerability in multiple places.

  • CVE-2025-27406 (High, Mar 26, 2025)
    risk 0.42; CVSS 7.6; EPSS 0.00

    Icinga Reporting is the central component for reporting-related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows setting up a template that embeds arbitrary JavaScript. This enables…

  • CVE-2024-13856 (Medium, Mar 22, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    The Your Friendly Drag and Drop Page Builder — Make Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.10 via the make_builder_ajax_subscribe() function. This makes it possible for authenticated attackers, with…

  • CVE-2025-1662 (Medium, Feb 28, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.0 via the 'url_media_uploader_url_upload' action. This makes it possible for authenticated attackers, with author-level access and above, to make…

  • CVE-2025-22346 (Medium, Jan 15, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash allows Server Side Request Forgery. This issue affects Course Migration for LearnDash: from 1.0.2 through n/a.

  • CVE-2024-56279 (Medium, Jan 7, 2025)
    risk 0.42; CVSS 6.4; EPSS 0.00

    Server-Side Request Forgery (SSRF) vulnerability in mra13 Compact WP Audio Player compact-wp-audio-player allows Server Side Request Forgery. This issue affects Compact WP Audio Player: from n/a through <= 1.9.14.

  • CVE-2024-54000 (High, Dec 3, 2024)
    risk 0.42; CVSS 7.5; EPSS 0.00

    Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In versions prior to 3.9.7, the requests.get() request in the _check_url method is specified as allow_redirects=True, which…

  • CVE-2024-46947 (Medium, Nov 8, 2024)
    risk 0.42; CVSS 6.5; EPSS 0.00

    Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.

  • CVE-2024-48052 (Medium, Nov 4, 2024)
    risk 0.42; CVSS 6.5; EPSS 0.00

    In gradio <=4.42.0, the gr.DownloadButton function has a hidden server-side request forgery (SSRF) vulnerability. The reason is that within the save_url_to_cache function, there are no restrictions on the URL, which allows access to local target resources. This can lead to the…

  • CVE-2024-48450 (Medium, Oct 25, 2024)
    risk 0.42; CVSS 6.5; EPSS 0.01

    An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into a chat group.

  • CVE-2024-39338 (High, Aug 12, 2024)
    risk 0.42; CVSS 7.5; EPSS 0.01

    axios 1.7.2 allows SSRF via unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs.

  • CVE-2023-7073 (Medium, May 31, 2024)
    risk 0.42; CVSS 6.4; EPSS 0.00

    The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the upload_to_library AJAX action. This makes it possible for authenticated attackers, with author-level access and…

  • CVE-2024-4789 (Medium, May 17, 2024)
    risk 0.42; CVSS 6.4; EPSS 0.00

    Cost Calculator Builder Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to 3.1.72, via the send_demo_webhook() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to…

  • CVE-2024-34351 (High, May 14, 2024)
    risk 0.42; CVSS 7.5; EPSS 0.05

    Next.js is a React framework that can provide building blocks to create web applications. A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able…

  • CVE-2024-0216 (Medium, Apr 30, 2024)
    risk 0.42; CVSS 6.4; EPSS 0.00

    The Google Doc Embedder plugin for WordPress is vulnerable to Server Side Request Forgery via the 'gview' shortcode in versions up to, and including, 2.6.4. This can allow authenticated attackers with contributor-level permissions or above to make web requests to arbitrary…