CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1487

1487 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2997 | zhangyanbo2007 youkefu url server-side request forgery — youkefu | 6.3 | Medium | 2025-03-31 |
| CVE-2025-31527 | WordPress WP Link Preview plugin <= 1.4.1 - Server Side Request Forgery (SSRF) vulnerability — WP Link Preview | 6.4 | Medium | 2025-03-31 |
| CVE-2025-31076 | WordPress WP Compress for MainWP plugin <= 6.30.03 - Server Side Request Forgery (SSRF) vulnerability — WP Compress for MainWP | 4.9 | Medium | 2025-03-28 |
| CVE-2024-48944 | Apache Kylin: SSRF vulnerability in the diagnosis api — Apache Kylin | 4.4 (AI) | Medium (AI) | 2025-03-27 |
| CVE-2025-22672 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability — Video & Photo Gallery for Ultimate Member | 4.9 | Medium | 2025-03-27 |
| CVE-2025-30914 | WordPress Metform Elementor Contact Form Builder plugin <= 3.9.7 - Server Side Request Forgery (SSRF) vulnerability — Metform | 4.4 | Medium | 2025-03-27 |
| CVE-2025-2835 | zhangyd-c OneBlog RestApiController.java autoLink server-side request forgery — OneBlog | 4.3 | Medium | 2025-03-27 |
| CVE-2025-1912 | Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function — Product Import Export for WooCommerce – Import Export Product CSV Suite | 7.6 | High | 2025-03-26 |
| CVE-2024-13411 | Zapier for WordPress <= 1.5.1 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via updated_user Function — Zapier for WordPress | 6.4 | Medium | 2025-03-26 |
| CVE-2025-2109 | WP Compress <= 6.30.15 - Unauthenticated Server-Side Request Forgery via init Function — WP Compress – Instant Performance & Speed Optimization | 5.8 | Medium | 2025-03-25 |
| CVE-2024-10207 | Server-Side Request Forgery (authenticated) in APROL Web Portal — APROL | 7.1 (AI) | High (AI) | 2025-03-25 |
| CVE-2024-10206 | Server-Side Request Forgery (unauthenticated) in APROL Web Portal — APROL | 8.2 (AI) | High (AI) | 2025-03-25 |
| CVE-2025-2691 | nossrf security vulnerability — nossrf | 8.2 | High | 2025-03-23 |
| CVE-2025-1970 | Export and Import Users and Customers <= 2.6.2 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function — Export and Import Users and Customers | 7.6 | High | 2025-03-22 |
| CVE-2024-13856 | Make Builder <= 1.1.10 - Authenticated (Subscriber+) Server-Side Request Forgery via make_builder_ajax_subscribe Function — Your Friendly Drag and Drop Page Builder — Make Builder | 6.4 | Medium | 2025-03-22 |
| CVE-2025-27888 | Apache Druid: Server-Side Request Forgery and Cross-Site Scripting — Apache Druid | 5.4 | - | 2025-03-20 |
| CVE-2024-13923 | Order Export & Order Import for WooCommerce <= 2.6.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function — Order Export & Order Import for WooCommerce | 7.6 | High | 2025-03-20 |
| CVE-2025-0184 | Server-Side Request Forgery (SSRF) in langgenius/dify — langgenius/dify | 9.1 | - | 2025-03-20 |
| CVE-2024-10457 | SSRF Vulnerabilities in significant-gravitas/autogpt — significant-gravitas/autogpt | 9.1 | - | 2025-03-20 |
| CVE-2024-12392 | Server-Side Request Forgery (SSRF) in binary-husky/gpt_academic — binary-husky/gpt_academic | 6.5 | - | 2025-03-20 |
| CVE-2025-0454 | SSRF Check Bypass in Requests Utility in significant-gravitas/autogpt — significant-gravitas/autogpt | 9.1 | - | 2025-03-20 |
| CVE-2024-12779 | SSRF in infiniflow/ragflow — infiniflow/ragflow | 7.5 | - | 2025-03-20 |
| CVE-2024-12766 | SSRF in parisneo/lollms-webui — parisneo/lollms-webui | 9.8 | - | 2025-03-20 |
| CVE-2024-11030 | SSRF in binary-husky/gpt_academic — binary-husky/gpt_academic | 8.8 | - | 2025-03-20 |
| CVE-2024-12450 | RCE, Full Read SSRF, and Arbitrary File Read in infiniflow/ragflow — infiniflow/ragflow | 9.1 | - | 2025-03-20 |
| CVE-2024-8952 | SSRF in composiohq/composio — composiohq/composio | 9.1 | - | 2025-03-20 |
| CVE-2024-12882 | SSRF in comfyanonymous/comfyui — comfyanonymous/comfyui | 9.1 | - | 2025-03-20 |
| CVE-2024-12376 | Server Side Request Forgery in lm-sys/fastchat — lm-sys/fastchat | 7.5 | - | 2025-03-20 |
| CVE-2024-11603 | Server-Side Request Forgery in lm-sys/fastchat — lm-sys/fastchat | 7.5 | - | 2025-03-20 |
| CVE-2024-8099 | Server-Side Request Forgery (SSRF) in vanna-ai/vanna — vanna-ai/vanna | 9.1 | - | 2025-03-20 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1487 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.