Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1496

1496 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-30976 WordPress Nexa Blocks plugin <= 1.1.1 - Server Side Request Forgery (SSRF) vulnerability — Nexa Blocks 4.9 Medium2025-06-06
CVE-2025-30997 WordPress Car Repair Services theme <= 5.0 - Server Side Request Forgery (SSRF) Vulnerability — Car Repair Services 5.4 Medium2025-06-06
CVE-2025-46341 Privilege escalation via SSRF when using HTTP auth — FreshRSS 7.1 High2025-06-04
CVE-2025-48962 Acronis Cyber Protect 代码问题漏洞 — Acronis Cyber Protect 16 7.5AIHighAI2025-06-04
CVE-2025-5510 quequnlong shiyi-blog optimize server-side request forgery — shiyi-blog 6.3 Medium2025-06-03
CVE-2024-7073 Unauthenticated Server-Side Request Forgery (SSRF) in Multiple WSO2 Products via SOAP Admin Services — WSO2 Identity Server as Key Manager 6.5 Medium2025-06-02
CVE-2025-5327 chshcms mccms Gf.php index server-side request forgery — mccms 6.3 Medium2025-05-29
CVE-2025-4967 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS — Portal for ArcGIS 9.1 Critical2025-05-29
CVE-2024-52588 Strapi allows Server-Side Request Forgery in Webhook function — strapi 4.9 Medium2025-05-29
CVE-2025-5276 Markdownify MCP Server 安全漏洞 — mcp-markdownify-server 7.4 High2025-05-29
CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery — JeeSite 6.3 Medium2025-05-26
CVE-2025-5140 Seeyon Zhiyuan OA Web Application System ThirdMenuController.class this.oursNetService.getData server-side request forgery — Zhiyuan OA Web Application System 6.3 Medium2025-05-25
CVE-2025-48739 StrangeBee TheHive 代码问题漏洞 — TheHive 5.5AIMediumAI2025-05-23
CVE-2024-13957 SSRF Server Side Request Forgery — ASPECT-Enterprise 7.6 High2025-05-22
CVE-2025-47936 TYPO3 Vulnerable to Server Side Request Forgery via Webhooks — typo3 3.3 Low2025-05-20
CVE-2025-36560 appleple a-blog cms 代码问题漏洞 — a-blog cms 8.6 High2025-05-19
CVE-2025-47791 Nextcloud Server's test remote endpoint is not rate limited — security-advisories 4.3 Medium2025-05-16
CVE-2025-40595 SonicWALL SMA1000 安全漏洞 — SMA1000 9.1AICriticalAI2025-05-14
CVE-2024-13940 Ninja Forms Webhooks <= 3.0.7 - Authenticated (Admin+) Server-Side Request Forgery via Form Webhook — Ninja Forms Webhooks 5.5 Medium2025-05-14
CVE-2025-47733 Microsoft Power Apps Information Disclosure Vulnerability — Microsoft Power Pages 9.1 Critical2025-05-08
CVE-2025-29972 Azure Storage Resource Provider Spoofing Vulnerability — Azure Storage Resource Provider (SRP) 9.9 Critical2025-05-08
CVE-2025-47664 WordPress WP Pipes <= 1.4.2 - Server Side Request Forgery (SSRF) Vulnerability — WP Pipes 4.4 Medium2025-05-07
CVE-2025-47635 WordPress WebinarPress plugin <= 1.33.28 - Server Side Request Forgery (SSRF) Vulnerability — WebinarPress 5.5 Medium2025-05-07
CVE-2025-47548 WordPress Wbcom Designs - Activity Link Preview For BuddyPress plugin <= 1.4.4 - Server Side Request Forgery (SSRF) Vulnerability — Wbcom Designs - Activity Link Preview For BuddyPress 5.4 Medium2025-05-07
CVE-2025-47483 WordPress Easy Replace Image plugin <= 3.5.0 - Server Side Request Forgery (SSRF) Vulnerability — Easy Replace Image 4.9 Medium2025-05-07
CVE-2025-47484 WordPress Display Remote Posts Block plugin <= 1.1.0 - Server Side Request Forgery (SSRF) Vulnerability — Display Remote Posts Block 6.4 Medium2025-05-07
CVE-2025-47464 WordPress Solace Extra plugin <= 1.3.1 - Server Side Request Forgery (SSRF) Vulnerability — Solace Extra 4.9 Medium2025-05-07
CVE-2024-55910 IBM Concert Software server-side request forgery — Concert Software 6.5 Medium2025-05-02
CVE-2025-46568 Stirling-PDF Server-Side Request Forgery (SSRF)-Induced Arbitrary File Read Vulnerability — Stirling-PDF 7.5AIHighAI2025-05-01
CVE-2024-13845 Gravity Forms WebHooks <= 1.6.0 - Authenticated (Admin+) Server-Side Request Forgery via Webhook — Gravity Forms WebHooks 5.5 Medium2025-05-01

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1496 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.