VYPR

CWE-918

Server-Side Request Forgery (SSRF)

BaseIncomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664

CVEs mapped to this weakness (922)

page 37 of 47
  • CVE-2025-68893MedDec 29, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in HETWORKS WordPress Image shrinker wp-image-shrinker allows Server Side Request Forgery.This issue affects WordPress Image shrinker: from n/a through <= 1.1.0.

  • CVE-2025-68600MedDec 24, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Yannick Lefebvre Link Library link-library allows Server Side Request Forgery.This issue affects Link Library: from n/a through <= 7.8.7.

  • CVE-2025-68500MedDec 24, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Slider – Addons For Elementor bdthemes-prime-slider-lite allows Server Side Request Forgery.This issue affects Prime Slider – Addons For Elementor: from n/a through <= 4.0.10.

  • CVE-2025-63010MedDec 9, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in ThemesInflow Hercules Core hercules-core allows Server Side Request Forgery.This issue affects Hercules Core : from n/a through <= 7.4.

  • CVE-2025-62988MedOct 27, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Codeless Slider Templates slider-templates allows Server Side Request Forgery.This issue affects Slider Templates: from n/a through <= 1.0.3.

  • CVE-2025-58977MedSep 9, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Rhys Wynne WP eBay Product Feeds ebay-feeds-for-wordpress allows Server Side Request Forgery.This issue affects WP eBay Product Feeds: from n/a through <= 3.4.8.

  • CVE-2025-58829MedSep 5, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in aitool Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One ai-auto-tool allows Server Side Request Forgery.This issue affects Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One: from n/a through <= 2.3.3.

  • CVE-2025-48364MedAug 28, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in vEnCa-X rajce rajce allows Server Side Request Forgery.This issue affects rajce: from n/a through <= 0.4.2.

  • CVE-2025-49985MedJun 20, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images auto-upload-images allows Server Side Request Forgery.This issue affects Auto Upload Images: from n/a through <= 3.3.2.

  • CVE-2025-49984MedJun 20, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in blubrry PowerPress Podcasting powerpress allows Server Side Request Forgery.This issue affects PowerPress Podcasting: from n/a through <= 11.13.11.

  • CVE-2025-49983MedJun 20, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Joe Hoyle WPThumb wp-thumb allows Server Side Request Forgery.This issue affects WPThumb: from n/a through <= 0.10.

  • CVE-2025-49877MedJun 17, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Server Side Request Forgery.This issue affects ProfileGrid : from n/a through <= 5.9.5.2.

  • CVE-2025-30976MedJun 6, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in wpdive Nexa Blocks nexa-blocks allows Server Side Request Forgery.This issue affects Nexa Blocks: from n/a through <= 1.1.1.

  • CVE-2025-29008MedJun 6, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in ShawonPro SocialMark socialmark allows Server Side Request Forgery.This issue affects SocialMark: from n/a through <= 2.0.7.

  • CVE-2025-47483MedMay 7, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Iulia Cazan Easy Replace Image easy-replace-image allows Server Side Request Forgery.This issue affects Easy Replace Image: from n/a through <= 3.5.0.

  • CVE-2025-47464MedMay 7, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through <= 1.3.1.

  • CVE-2025-46531MedApr 24, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper (formerly WPFlyLeads) woozap allows Server Side Request Forgery.This issue affects WP AVCL Automation Helper (formerly WPFlyLeads): from n/a through <= 3.4.

  • CVE-2025-46503MedApr 24, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in josheli Simple Google Photos Grid simple-google-photos-grid allows Server Side Request Forgery.This issue affects Simple Google Photos Grid: from n/a through <= 1.5.

  • CVE-2025-46443MedApr 24, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Adam Pery Animate animate allows Server Side Request Forgery.This issue affects Animate: from n/a through <= 0.5.

  • CVE-2025-32691MedApr 9, 2025
    risk 0.32cvss 4.9epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in blubrry PowerPress Podcasting powerpress allows Server Side Request Forgery.This issue affects PowerPress Podcasting: from n/a through <= 11.12.6.