Weaknesses of type CWE-918
2,184 resultsCVE-2024-43371MEDIUMPotential access to sensitive URLs via CKAN extensions (SSRF)EPSS 0.3%CVE-2026-7178MEDIUMChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgeryEPSS 0.3%CVE-2026-34160HIGHChamilo LMS: Unauthenticated SSRF via PENS Plugin allows attacker to probe internal network and reach cloud metadata servicesEPSS 0.3%CVE-2024-5186HIGHServer Side Request Forgery (SSRF) in imartinez/privategptEPSS 0.3%CVE-2025-4581MEDIUMLiferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.EPSS 0.3%CVE-2025-2243MEDIUMSSRF in GravityZone Console via DNS Truncation (VA-12634)EPSS 0.3%CVE-2024-13905MEDIUMOneStore Sites <= 0.1.1 - Unauthenticated Blind Server-Side Request ForgeryEPSS 0.3%CVE-2021-47776MEDIUMUmbraco v8.14.1 - 'baseUrl' SSRFEPSS 0.3%CVE-2025-61784HIGHLLaMA Factory's Chat API has Critical SSRF and LFI VulnerabilitiesEPSS 0.3%CVE-2023-6805MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.4.7 - Authenticated(Contributor+) Blind Server-Side Request Forgery (SSRF)EPSS 0.3%CVE-2024-27949MEDIUMWordPress Sirv plugin <= 7.2.0 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2024-22217MEDIUMA Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to acceEPSS 0.3%CVE-2025-60540MEDIUMkarakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF).EPSS 0.3%CVE-2026-27730HIGHesm.sh has SSRF localhost/private-network bypass in `/http(s)` module routeEPSS 0.3%CVE-2025-8520MEDIUMgivanz Vvveb Drag-and-Drop Editor editor server-side request forgeryEPSS 0.3%CVE-2023-41804HIGHWordPress Starter Templates Plugin <= 3.2.4 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.3%CVE-2025-62616CRITICALAutoGPT has SSRF vulnerability in SendDiscordFileBlockEPSS 0.3%CVE-2026-33237MEDIUMAVideo has SSRF in Scheduler Plugin via callbackURL Missing `isSSRFSafeURL()` ValidationEPSS 0.3%CVE-2023-50165HIGHPega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Generated PDF issue that could expose file contents.EPSS 0.3%CVE-2025-1447MEDIUMkasuganosoras Pigeon index.php server-side request forgeryEPSS 0.3%