CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1485

1485 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-58641 | WordPress Exit Intent Popup Plugin <= 1.0.1 - Server Side Request Forgery (SSRF) Vulnerability — Exit Intent Popup | 5.4 | Medium | 2025-09-03 |
| CVE-2025-58615 | WordPress WP Bannerize Pro Plugin <= 1.10.0 - Server Side Request Forgery (SSRF) Vulnerability — WP Bannerize Pro | 4.4 | Medium | 2025-09-03 |
| CVE-2025-9821 | SSRF via webhook function — Mautic | 2.7 | Low | 2025-09-03 |
| CVE-2025-9805 | SimStudioAI sim route.ts server-side request forgery — sim | 6.3 | Medium | 2025-09-02 |
| CVE-2025-9799 | Langfuse Webhook promptRouter.ts promptChangeEventSourcing server-side request forgery — Langfuse | 5.0 | Medium | 2025-09-01 |
| CVE-2025-55007 | Knowage vulnerable to server-side request forgery — Knowage-Server | 3.5 | Low | 2025-09-01 |
| CVE-2025-57822 | Next.js Improper Middleware Redirect Handling Leads to SSRF — next.js | 6.5 | Medium | 2025-08-29 |
| CVE-2025-53250 | WordPress Chartbeat Plugin <= 2.0.7 - Server Side Request Forgery (SSRF) Vulnerability — Chartbeat | 6.4 | Medium | 2025-08-28 |
| CVE-2025-48364 | WordPress rajce plugin <= 0.4.2 - Server Side Request Forgery (SSRF) vulnerability — rajce | 4.9 | Medium | 2025-08-28 |
| CVE-2025-58203 | WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability — Solace Extra | 4.4 | Medium | 2025-08-27 |
| CVE-2025-57818 | Firecrawl SSRF Vulnerability via malicious webhook — firecrawl | 6.3 | Medium | 2025-08-26 |
| CVE-2025-57814 | request-filtering-agent SSRF Bypass via HTTPS Requests — request-filtering-agent | 9.1 (AI) | Critical (AI) | 2025-08-25 |
| CVE-2025-9414 | kalcaddle kodbox Download from Link serverDownload server-side request forgery — kodbox | 4.7 | Medium | 2025-08-25 |
| CVE-2025-54370 | PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser — PhpSpreadsheet | 9.8 (AI) | Critical (AI) | 2025-08-25 |
| CVE-2025-9402 | HuangDou UTCMS Config update.php server-side request forgery — UTCMS | 4.7 | Medium | 2025-08-25 |
| CVE-2025-9395 | wangsongyan wblog backup.go RestorePost server-side request forgery — wblog | 6.3 | Medium | 2025-08-24 |
| CVE-2025-7813 | Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) | 7.2 | High | 2025-08-23 |
| CVE-2025-8678 | WP Crontrol - 1.17.0 - 1.19.1 - Authenticated (Administrator+) Blind Server-Side Request Forgery — WP Crontrol | 5.9 | Medium | 2025-08-22 |
| CVE-2025-43747 | Liferay DXP code issue vulnerability — DXP | 9.1 (AI) | Critical (AI) | 2025-08-21 |
| CVE-2025-47700 | AI plugin APIs can be triggered using post actions — Mattermost | 3.5 | Low | 2025-08-21 |
| CVE-2025-1142 | IBM Edge Application Manager server-side request forgery — Edge Application Manager | 5.4 | Medium | 2025-08-20 |
| CVE-2025-54925 | Schneider Electric EcoStruxure Power Monitoring Expert and EcoStruxure Power Operation Advanced Reporting and Dashboards Module code issue vulnerability — EcoStruxure™ Power Monitoring Expert (PME) | 7.5 | High | 2025-08-20 |
| CVE-2025-54924 | Schneider Electric EcoStruxure Power Monitoring Expert and EcoStruxure Power Operation Advanced Reporting and Dashboards Module code issue vulnerability — EcoStruxure™ Power Monitoring Expert (PME) | 7.5 | High | 2025-08-20 |
| CVE-2024-39954 | Apache EventMesh Runtime: SSRF — Apache EventMesh Runtime | 9.1 | - | 2025-08-20 |
| CVE-2025-5260 | SSRF in PozitifIK's Pik Online — Pik Online | 8.6 | High | 2025-08-20 |
| CVE-2025-54234 | ColdFusion \| Server-Side Request Forgery (SSRF) (CWE-918) — ColdFusion | 2.7 | Low | 2025-08-18 |
| CVE-2025-8675 | AI SEO Link Advisor - Less critical - Server-side Request Forgery - SA-CONTRIB-2025-095 — AI SEO Link Advisor | 9.8 (AI) | Critical (AI) | 2025-08-15 |
| CVE-2025-8013 | Quttera Web Malware Scanner <= 3.5.1.41 - Authenticated (Administrator+) Server-Side Request Forgery — Quttera ThreatSign – Web Malware Scanner for WordPress | 3.8 | Low | 2025-08-15 |
| CVE-2025-8680 | B Slider - Gutenberg Slider Block for WP <= 2.0.0 - Authenticated (Subscriber+) Server-Side Request Forgery — bSlider – Create Responsive Image, Post, Product, and Video Sliders | 4.3 | Medium | 2025-08-15 |
| CVE-2025-53241 | WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability — Simplified | 5.5 | Medium | 2025-08-14 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1485 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.