Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1496

1496 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-53696 QuLog Center — QuLog Center 4.9 -2025-03-07
CVE-2025-27152 Possible SSRF and Credential Leakage via Absolute URL in axios Requests — axios 10.0 -2025-03-07
CVE-2024-13857 WPGet API <= 2.2.10 - Authenticated (Administrator+) Server-Side Request Forgery — WPGet API – Connect to any external REST API 5.5 Medium2025-03-07
CVE-2024-13904 Platform.ly for WooCommerce <= 1.1.6 - Unauthenticated Blind Server-Side Request Forgery — Platform.ly for WooCommerce 5.3 Medium2025-03-07
CVE-2025-27600 FastGPT SSRF — FastGPT 7.5 -2025-03-06
CVE-2025-27501 Server Side Request Forgery in Ziti Console — ziti-console 8.6 High2025-03-03
CVE-2025-25303 Server-Side Request Forgery (SSRF) in MouseTooltipTranslator — MouseTooltipTranslator 8.1 -2025-03-03
CVE-2025-25301 Rembg allows SSRF via /api/remove — rembg 5.3 -2025-03-03
CVE-2025-1849 zj1983 zz import_data_todb server-side request forgery — zz 6.3 Medium2025-03-03
CVE-2025-1848 zj1983 zz import_data_check server-side request forgery — zz 6.3 Medium2025-03-03
CVE-2025-1833 zj1983 zz HTTP Request Customer_noticeAction.java sendNotice server-side request forgery — zz 6.3 Medium2025-03-02
CVE-2025-1799 Zorlan SkyCaiji Tool.php previewAction server-side request forgery — SkyCaiji 6.3 Medium2025-03-01
CVE-2024-13697 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_links — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages 4.8 Medium2025-03-01
CVE-2025-1662 URL Media Uploader <= 1.0.0 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebinding — URL Media Uploader 6.4 Medium2025-02-28
CVE-2024-13907 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery — Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid 4.9 Medium2025-02-27
CVE-2024-13905 OneStore Sites <= 0.1.1 - Unauthenticated Blind Server-Side Request Forgery — OneStore Sites 5.3 Medium2025-02-27
CVE-2024-13695 Enfold <= 6.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery via attachment_id — Enfold - Responsive Multi-Purpose Theme 6.4 Medium2025-02-25
CVE-2025-1043 Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode — Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files 6.4 Medium2025-02-20
CVE-2024-37359 Hitachi Vantara Pentaho Business Analytics Server – Server Side Request Forgery — Pentaho Data Integration & Analytics 8.6 High2025-02-19
CVE-2025-27090 Server-Side Request Forgery (SSRF) in sliver teamserver — sliver 4.3 -2025-02-19
CVE-2025-1447 kasuganosoras Pigeon index.php server-side request forgery — Pigeon 4.3 Medium2025-02-19
CVE-2024-13741 ProfileGrid – User Profiles, Groups and Communities <= 5.9.4.2 - Authenticated (Subscriber+) Limited Server-Side Request Forgery — ProfileGrid – User Profiles, Groups and Communities 5.4 Medium2025-02-18
CVE-2025-20075 JIP InfoBridge FileMegane 代码问题漏洞 — FileMegane 7.5 -2025-02-17
CVE-2024-13879 Stream <= 4.0.2 - Authenticated (Admin+) Server-Side Request Forgery — Stream 5.5 Medium2025-02-17
CVE-2024-13834 Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request — Responsive Plus – Elementor Templates & Starter Sites 5.4 Medium2025-02-15
CVE-2025-25297 Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint — label-studio 8.6 High2025-02-14
CVE-2025-26494 Server Side Request Forgery vulnerability in Tableau Server — Tableau Server 9.8 -2025-02-11
CVE-2025-22399 Dell UCC Edge 代码问题漏洞 — UCC Edge 7.9 High2025-02-11
CVE-2024-52606 SolarWinds Platform Server-Side Request Forgery Vulnerability — SolarWinds 3.5 Low2025-02-11
CVE-2025-1211 Hackney 安全漏洞 — hackney 6.5 Medium2025-02-11

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1496 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.