Security Intel Hub 480 — Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

WordPress Plugin Vulnerability Summary (XSS/SQLi/SSRF)
patchstack.com · 2025-11-19

- **Total Vulnerabilities**: 35,016 - **Mitigation rules**: 13,049 - **No official fix**: 6,707 - **In queue**: 1,300 - **Published sans fix**: 0 - Vulnerabilities listed include: - **Unauthenticated …

WordPress Plugin XSS and SSRF Vulnerability Patch Analysis
plugins.trac.wordpress.org · 2025-11-19

### Critical Vulnerability Information #### 1. Error Handling and Validation - **Code Changes in `includes/class-frontend.php`** - The old code uses `esc_html` to escape the URL, which is insufficient…

WordPress 4.5.3 Security Release: Fixes XSS, SSRF, Info Disclosure, and Cookie Theft
wordpress.org · 2025-11-08

- **WordPress Version**: 4.5.3 - **Release Type**: Maintenance and Security Release - **Date**: June 18, 2016 - **Affecting Versions**: 4.5.2 and earlier - **Security Issues**: - Redirect bypass in th…

Jenkins Multiple Plugins Vulnerabilities Advisory: XSS, SSRF, Sandbox Bypass, Session Hijacking
www.jenkins.io · 2024-11-17

From this webpage screenshot, the following key information about the vulnerabilities can be obtained: 1. **Vulnerability Descriptions**: - **Script Security Plugin**: The plugin does not perform perm…

cors-anywhere SSRF CVE-2020-36851: No blocking of RFC 1918 or Cloud IDMS
github.com · 2025-09-27

### Critical Vulnerability Information #### Vulnerability Title Full SSRF: Proxy Does Not Block RFC 1918 IP Ranges nor Cloud IDMS #### Severity Critical (9.5/10) #### Affected Packages and Versions - …

OpenHarness Path Bypass and SSRF Vulnerability Fix
github.com · 2026-04-18

# [security] Harden path rules and web fetch network guards #92 ## Vulnerability Overview This Pull Request fixes two security vulnerabilities present in the OpenHarness tool: 1. **Sensitive path bypa…

KNIME Business Hub Multiple CVEs Advisory (RCE/SSRF/Hardcoded Password)
www.knime.com · 2025-11-09

## Critical Vulnerability Summary ### 1. CVE-2025-11240 - Open Redirect Vulnerability in KNIME Business Hub - **Release Date**: 2025-10-02 - **Affected Product**: KNIME Business Hub before 1.16.0 - **…

OpenHarness Path Traversal and SSRF Vulnerability Fix Analysis
github.com · 2026-04-18

# Vulnerability Summary ## Vulnerability Overview This commit fixes vulnerabilities related to Path Traversal and Web Guards in the OpenHarness project. The main issue lies in insufficient permission …

Chamilo PensProcessor SSRF Fix: Strict Private IP Validation
github.com · 2026-04-18

# Vulnerability Summary ## Overview This vulnerability involves **insufficiently strict URL validation logic**, which may allow access to private/reserved address ranges (such as internal network addr…

ProcessWire CMS Admin SSRF Vulnerability Analysis
gist.github.com · 2026-04-18

# ProcessWire CMS SSRF Vulnerability Summary ## Vulnerability Overview A **Server-Side Request Forgery (SSRF)** vulnerability exists in the admin panel of ProcessWire CMS (v3.0.255). The flaw is locat…

Unauthenticated SSRF in GPT Researcher WebSocket (CVSS 9.1) with POC
github.com · 2026-04-06

### Vulnerability Overview * **Vulnerability Name**: Unauthenticated WebSocket Source URL SSRF Vulnerability (Unauthenticated SSRF via WebSocket source_urls) * **Affected Product**: GPT Researcher * *…

SSRF Vulnerability in google-search-api Library (CVSS 8.8)
github.com · 2026-04-04

This request asks me to summarize a webpage screenshot regarding a "Google Search Server-Side Request Forgery (SSRF) Vulnerability." **1. Vulnerability Overview:** * **Title:** Server-Side Request For…

Roundcube Webmail Security Update: SSRF, XSS, Deserialization Fixes
roundcube.net · 2026-04-03

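### Vulnerability Overview Roundcube Webmail has released security updates (versions 1.7-rc5, 1.6.14 and 1.5.14) that fix multiple recently reported security vulnerabilities. ### Affected Scope - Roundcube Webmail 1.6 and 1.5 LTS versions - Roundcube Webmail 1.7 release candidate (1.7-rc5) ### Remediation Upgrading immediately to the following versions is recommended to fix all known vulnerabilities: - **1.…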

ImEditor SSRF Vulnerability Analysis (CVSS 7.5) with POC
github.com · 2026-04-03

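# ImEditor Server-Side Request Forgery (SSRF) Vulnerability Summary ### Vulnerability Overview * **Vulnerability Name:** Server-Side Request Forgery (SSRF) Vulnerability in ImEditor #11 * **CVSS Score:** 7.5 (High) * **Description:** The `upload.php` script in ImEditor has a server-side request forgery vulnerability. An attacker can, by crafting …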

Open WebUI v0.8.11 Security Patch Summary: SSRF, Bypass, Session Fixation
github.com · 2026-04-02

# Open WebUI v0.8.11 Security Vulnerability Fixes Summary ## Vulnerability Overview This release fixes multiple security vulnerabilities, primarily involving **model access control bypass**, **termina…

Patchstack WordPress Vulnerability Database Summary (RCE/SSRF/SQLi)
patchstack.com · 2026-04-02

## Patchstack Open Source Vulnerability Database ### Vulnerability Overview This page displays **39,658+** WordPress-related vulnerabilities, covering multiple vulnerability types: - **SSRF (Server-Si…

Advanced Woo Labels Plugin Vulnerability Analysis (XSS/SSRF/RCE)
plugins.trac.wordpress.org · 2026-02-25

### Critical Vulnerability Information - **Plugin Name**: Advanced Woo Labels - **File**: `/includes/admin/class-awl-admin-ajax.php` - **Version**: 2.34 - **Last Modified**: Modified in changeset 3443…

WordPress Plugin Bit Form SSRF Vulnerability (CVE-2024-13450) Advisory
www.wordfence.com · 2026-02-26

### Critical Vulnerability Information #### Vulnerability Summary - **CVE ID**: CVE-2024-13450 - **CVSS Score**: 3.8 (Low) - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Publication …

v1.1.3-alpha Security Fixes: Persistent XSS and SSRF Mitigation
github.com · 2026-02-21

## Critical Vulnerability Information ### v1.1.3-alpha (Pre-release) #### Security Fixes - **XSS Prevention**: Mitigated the primary persistent XSS risk in chat tool interfaces by eliminating unsafe r…

SSRF Private Network Bypass via Numeric Address (GHSA-hgr9-frvw-5r76)
github.com · 2026-01-30

From the provided web screenshot, we can extract the following key information about the vulnerability: ### Vulnerability Summary - **Vulnerability Name**: SSRF (Server-Side Request Forgery) and priva…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
