Falhas do tipo CWE-918
2.197 resultadosCVE-2026-0682LOWChurch Admin <= 5.0.28 - Authenticated (Administrator+) Blind Server-Side Request Forgery via 'audio_url' ParameterEPSS 0.2%CVE-2024-13834MEDIUMResponsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_requestEPSS 0.2%CVE-2026-35629MEDIUMOpenClaw < 2026.3.25 - Server-Side Request Forgery via Unguarded Configured Base URLs in Channel ExtensionsEPSS 0.2%CVE-2026-34719HIGHZammad has a Server-side request forgery (SSRF) via webhooksEPSS 0.2%CVE-2024-35637MEDIUMWordPress Church Admin plugin <= 4.3.6 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2025-9522MEDIUMBlind Server-Side Request Forgery (SSRF) in Omada ControllerEPSS 0.2%CVE-2024-35635MEDIUMWordPress Ninja Tables plugin <= 5.0.9 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-26379MEDIUMKoha versions up to 25.11 contain a Server-Side Request Forgery (SSRF) vulnerability via the Z39.50/SRU server configuration. This allows auEPSS 0.2%CVE-2023-6070MEDIUM
A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary cEPSS 0.2%CVE-2024-45206MEDIUMA vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts ofEPSS 0.2%CVE-2025-14793MEDIUMDK PDF – WordPress PDF Generator <= 2.3.0 - Authenticated (Author+) Server-Side Request ForgeryEPSS 0.2%CVE-2026-11370MEDIUMWP Meta SEO <= 4.5.18 - Authenticated (Contributor+) Server-Side Request Forgery via 'new_link' ParameterEPSS 0.2%CVE-2026-30232HIGHChartbrew has SSRF in API Data Connection - No IP Validation on User-Provided URLsEPSS 0.2%CVE-2025-6142MEDIUMIntera InHire server-side request forgeryEPSS 0.2%CVE-2026-20041MEDIUMCisco Nexus Dashboard Server Side Request Forgery VulnerabilityEPSS 0.2%CVE-2026-49359MEDIUMPhpWeasyPrint vulnerable to SSRF and local file disclosure via the attachment optionEPSS 0.2%CVE-2025-46385HIGHCWE-918 Server-Side Request Forgery (SSRF)EPSS 0.2%CVE-2026-28476MEDIUMOpenClaw < 2026.2.14 - Server-Side Request Forgery in Tlon Extension AuthenticationEPSS 0.2%CVE-2025-30680HIGHA Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameteEPSS 0.2%CVE-2024-13957HIGHSSRF Server Side Request ForgeryEPSS 0.2%