Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1496

1496 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-2170 SonicWALL SMA1000 安全漏洞 — SMA1000 9.8AICriticalAI2025-04-30
CVE-2025-4012 playeduxyz PlayEdu 开源培训系统 User Avatar create server-side request forgery — PlayEdu 开源培训系统 2.7 Low2025-04-28
CVE-2023-35817 DevExpress 安全漏洞 — DevExpress 5.0 Medium2025-04-28
CVE-2025-3954 ChurchCRM Referer server-side request forgery — ChurchCRM 3.7 Low2025-04-26
CVE-2025-3775 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin 6.5 Medium2025-04-25
CVE-2025-46531 WordPress WP AVCL Automation Helper (formerly WPFlyLeads) plugin <= 3.4 - Server Side Request Forgery (SSRF) Vulnerability — WP AVCL Automation Helper (formerly WPFlyLeads) 4.9 Medium2025-04-24
CVE-2025-46511 WordPress BeerXML Shortcode plugin <= 0.7.1 - Server Side Request Forgery (SSRF) Vulnerability — BeerXML Shortcode 6.4 Medium2025-04-24
CVE-2025-46503 WordPress Simple Google Photos Grid plugin <= 1.5 - Server Side Request Forgery (SSRF) Vulnerability — Simple Google Photos Grid 4.9 Medium2025-04-24
CVE-2025-46443 WordPress Animate plugin <= 0.5 - Server Side Request Forgery (SSRF) Vulnerability — Animate 4.9 Medium2025-04-24
CVE-2025-1522 PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability — PostHog 6.5 -2025-04-23
CVE-2025-1521 PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability — PostHog 6.5 -2025-04-23
CVE-2025-27907 IBM WebSphere Application Server server-side request forgery — WebSphere Application Server 4.1 Medium2025-04-22
CVE-2025-2987 IBM Maximo Asset Management server-side request forgery — Maximo Asset Management 3.8 Low2025-04-21
CVE-2025-3787 PbootCMS Image server-side request forgery — PbootCMS 2.7 Low2025-04-18
CVE-2024-56736 Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss — Apache HertzBeat 9.1AICriticalAI2025-04-16
CVE-2025-3691 mirweiye Seven Bears Library CMS Add Link server-side request forgery — Seven Bears Library CMS 2.7 Low2025-04-16
CVE-2025-30964 WordPress Photography theme < 7.7.6 - Server Side Request Forgery (SSRF) vulnerability — Photography 5.4 Medium2025-04-15
CVE-2025-26990 WordPress Royal Elementor Addons plugin <= 1.7.1006 - Server Side Request Forgery (SSRF) vulnerability — Royal Elementor Addons 4.4 Medium2025-04-15
CVE-2025-32102 CrushFTP 安全漏洞 — CrushFTP 5.0 Medium2025-04-15
CVE-2025-31490 AutoGPT allows SSRF due to DNS Rebinding in requests wrapper — AutoGPT 7.5 High2025-04-14
CVE-2025-3572 INTUMIT SmartRobot - Server-Side Request Forgery — SmartRobot 7.5 High2025-04-14
CVE-2025-22374 SSRF in CyberAudit-Web videx-legacy-ssl — CyberAudit-Web 9.8AICriticalAI2025-04-10
CVE-2025-31009 WordPress IndieBlocks plugin <= 0.13.1 - Server Side Request Forgery (SSRF) Vulnerability — IndieBlocks 5.4 Medium2025-04-09
CVE-2025-32487 WordPress Waymark plugin <= 1.5.2 - Server Side Request Forgery (SSRF) Vulnerability — Waymark 4.9 Medium2025-04-09
CVE-2025-32675 WordPress SEO Help plugin <= 6.7.9 - Server Side Request Forgery (SSRF) vulnerability — SEO Help 6.8 Medium2025-04-09
CVE-2025-32691 WordPress PowerPress Podcasting plugin <= 11.12.6 - Server Side Request Forgery (SSRF) Vulnerability — PowerPress Podcasting 4.9 Medium2025-04-09
CVE-2025-32372 Server-Side Request Forgery (SSRF) in DotNetNuke.Core — Dnn.Platform 6.5 Medium2025-04-09
CVE-2025-3412 mymagicpower AIAS InferController.java server-side request forgery — AIAS 6.3 Medium2025-04-08
CVE-2025-3411 mymagicpower AIAS AsrController.java server-side request forgery — AIAS 6.3 Medium2025-04-08
CVE-2025-32013 Server-Side Request Forgery via LNURL Authentication Callback in LNbits Lightning Network Payment System — lnbits 7.5AIHighAI2025-04-06

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1496 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.