Weaknesses of type CWE-918

2,203 results
CVE-2025-49374MEDIUMWordPress Captcha.eu plugin <= 1.0.61 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-22662MEDIUMprompts.chat Blind SSRF via media-generateEPSS 0.2%CVE-2025-58005MEDIUMWordPress DriCub Theme <= 2.9 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2025-64252MEDIUMWordPress ANAC XML Viewer plugin <= 1.8.2 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-55412HIGHToolJet Cloud - SSRF to Azure Cloud Infrastructure CompromiseEPSS 0.2%CVE-2026-50168HIGHAngular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist BypassEPSS 0.2%CVE-2025-58011MEDIUMWordPress Content Mask plugin <= 1.8.5.2 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-43936MEDIUMe107: Server-Side Request Forgery (SSRF) in the remote file fetcherEPSS 0.2%CVE-2025-53250MEDIUMWordPress Chartbeat Plugin <= 2.0.7 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2024-0862MEDIUMThe Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an aEPSS 0.2%CVE-2025-6729MEDIUMPayMaster for WooCommerce <= 0.4.31 - Authenticated (Subscriber+) Server-Side Request ForgeryEPSS 0.2%CVE-2025-58615MEDIUMWordPress WP Bannerize Pro Plugin <= 1.10.0 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2025-12886HIGHOxygen <= 6.0.8 - Unauthenticated Server-Side Request Forgery via route_pathEPSS 0.2%CVE-2025-69206MEDIUMHemmelig has SSRF Filter bypass in Secret Request functionalityEPSS 0.2%CVE-2025-46503MEDIUMWordPress Simple Google Photos Grid plugin <= 1.5 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2026-33126MEDIUMFrigate has SSRF vulnerability in /ffprobe endpointEPSS 0.2%CVE-2025-29008MEDIUMWordPress SocialMark plugin <= 2.0.7 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2026-25738MEDIUMIndico has Server-Side Request Forgery (SSRF) in multiple placesEPSS 0.2%CVE-2025-30976MEDIUMWordPress Nexa Blocks plugin <= 1.1.1 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-42430MEDIUMOpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect HandlingEPSS 0.2%