CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1487

1487 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-13450 | Contact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | 3.8 | Low | 2025-01-25 |
| CVE-2025-24703 | WordPress Comment Edit Core – Simple Comment Editing Plugin <= 3.0.33 - Server Side Request Forgery (SSRF) vulnerability — Comment Edit Core – Simple Comment Editing | 4.4 | Medium | 2025-01-24 |
| CVE-2025-24695 | WordPress Extensions For CF7 Plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability — Extensions For CF7 | 4.4 | Medium | 2025-01-24 |
| CVE-2025-24701 | WordPress Chained Quiz Plugin <= 1.3.2.9 - Server Side Request Forgery (SSRF) vulnerability — Chained Quiz | 4.4 | Medium | 2025-01-24 |
| CVE-2024-11913 | Activity Plus Reloaded for BuddyPress <= 1.1.1 - Authenticated (Subscriber+) Blind Server-Side Request Forgery — Activity Plus Reloaded for BuddyPress | 5.4 | Medium | 2025-01-24 |
| CVE-2024-43710 | Kibana server-side request forgery — Kibana | 4.3 | Medium | 2025-01-23 |
| CVE-2024-42182 | HCL BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability — BigFix Patch Management Download Plug-ins | 2.5 | Low | 2025-01-23 |
| CVE-2024-13360 | AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Subscriber+) Server-Side Request Forgery — AI Puffer – Your AI engine for WordPress (formerly AI Power) | 5.4 | Medium | 2025-01-22 |
| CVE-2023-50733 | A Server-Side Request Forgery (SSRF) vulnerability exists in newer Lexmark devices. — various | 8.6 | High | 2025-01-21 |
| CVE-2024-45479 | Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost — Apache Ranger | 5.3 | - | 2025-01-21 |
| CVE-2025-0584 | aEnrich Technology a+HRD - Server-Side Request Forgery (SSRF) — a+HRD | 5.3 | Medium | 2025-01-20 |
| CVE-2024-52602 | Server-Side Request Forgery (SSRF) on redirects and federation in Matrix Media Repo — matrix-media-repo | 5.0 | Medium | 2025-01-16 |
| CVE-2024-52594 | Server-Side Request Forgery (SSRF) on redirects and federation in gomatrixserverlib — gomatrixserverlib | 4.3 | Medium | 2025-01-16 |
| CVE-2025-0480 | wuzhicms config.php test server-side request forgery — wuzhicms | 4.3 | Medium | 2025-01-15 |
| CVE-2025-22346 | WordPress Course Migration for LearnDash plugin 1.0.2 - Server Side Request Forgery (SSRF) vulnerability — Course Migration for LearnDash | 6.4 | Medium | 2025-01-15 |
| CVE-2025-0474 | Invoice Ninja PDF Rendering Server Side Request Forgery — Invoice Ninja | 7.7 | High | 2025-01-14 |
| CVE-2025-21385 | Microsoft Purview Information Disclosure Vulnerability — Microsoft Purview | 8.8 | High | 2025-01-09 |
| CVE-2024-53705 | SonicWALL SonicOS security vulnerability — SonicOS | 7.5 | - | 2025-01-09 |
| CVE-2024-13195 | donglight bookstore电商书城系统说明 HttpUtil.java getHtml server-side request forgery — bookstore电商书城系统说明 | 6.3 | Medium | 2025-01-08 |
| CVE-2024-56275 | WordPress Envato Elements plugin <= 2.0.14 - Server Side Request Forgery (SSRF) vulnerability — Envato Elements | 4.1 | Medium | 2025-01-07 |
| CVE-2024-56279 | WordPress Compact WP Audio Player plugin <= 1.9.14 - Server Side Request Forgery (SSRF) vulnerability — Compact WP Audio Player | 6.4 | Medium | 2025-01-07 |
| CVE-2024-13139 | wangl1989 mysiteforme FileController doContent server-side request forgery — mysiteforme | 6.3 | Medium | 2025-01-05 |
| CVE-2024-12237 | Photo Gallery Slideshow & Masonry Tiled Gallery <= 1.0.15 - Authenticated (Subscriber+) Limited Server-Side Request Forgery — Photo Gallery Slideshow & Masonry Tiled Gallery | 4.3 | Medium | 2025-01-03 |
| CVE-2024-56800 | Firecrawl has SSRF Vulnerability via malicious scrape target — firecrawl | 7.4 | High | 2024-12-30 |
| CVE-2024-10044 | SSRF in POST /worker_generate_stream API endpoint in lm-sys/fastchat — lm-sys/fastchat | 9.8 | - | 2024-12-30 |
| CVE-2024-13032 | Antabot White-Jotter Article Editor editor server-side request forgery — White-Jotter | 2.7 | Low | 2024-12-30 |
| CVE-2024-13029 | Antabot White-Jotter Edit Book book server-side request forgery — White-Jotter | 4.3 | Medium | 2024-12-29 |
| CVE-2024-12989 | WISI Tangram GT31 HTTP Request server-side request forgery — Tangram GT31 | 5.3 | Medium | 2024-12-27 |
| CVE-2024-51463 | IBM i server-side request forgery — i | 5.4 | Medium | 2024-12-21 |
| CVE-2024-12867 | Server-Side Request Forgery in Arctic Hub URL Mapper allows an unauthenticated remote attacker to exfiltrate and modify configurations and data — Arctic Hub | 9.1 | - | 2024-12-20 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1487 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.