CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
CVE-2025-57984 (GCVE-0-2025-57984)
Vulnerability from cvelistv5 – Published: 2025-09-22 18:24 – Updated: 2026-04-28 16:13
VLAI
Title
WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability
Summary
Server-Side Request Forgery (SSRF) vulnerability in Pratik Ghela MakeStories (for Google Web Stories) makestories-helper allows Server Side Request Forgery.This issue affects MakeStories (for Google Web Stories): from n/a through <= 3.0.4.
Severity
4.4 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Pratik Ghela | MakeStories (for Google Web Stories) |
Affected:
0 , ≤ 3.0.4
(custom)
|
Date Public
2026-04-01 16:43
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T14:32:11.246904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T14:33:12.105Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "makestories-helper",
"product": "MakeStories (for Google Web Stories)",
"vendor": "Pratik Ghela",
"versions": [
{
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nabil Irawan | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:43:12.270Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Pratik Ghela MakeStories (for Google Web Stories) makestories-helper allows Server Side Request Forgery.\u003cp\u003eThis issue affects MakeStories (for Google Web Stories): from n/a through \u003c= 3.0.4.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in Pratik Ghela MakeStories (for Google Web Stories) makestories-helper allows Server Side Request Forgery.This issue affects MakeStories (for Google Web Stories): from n/a through \u003c= 3.0.4."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:13:40.048Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/makestories-helper/vulnerability/wordpress-makestories-for-google-web-stories-plugin-3-0-4-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress MakeStories (for Google Web Stories) Plugin \u003c= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-57984",
"datePublished": "2025-09-22T18:24:27.700Z",
"dateReserved": "2025-08-22T11:37:23.199Z",
"dateUpdated": "2026-04-28T16:13:40.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58005 (GCVE-0-2025-58005)
Vulnerability from cvelistv5 – Published: 2025-09-22 18:24 – Updated: 2026-04-28 16:13
VLAI
Title
WordPress DriCub Theme <= 2.9 - Server Side Request Forgery (SSRF) Vulnerability
Summary
Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft DriCub dricub-driving-school allows Server Side Request Forgery.This issue affects DriCub: from n/a through <= 2.9.
Severity
5.4 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Theme/d… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SmartDataSoft | DriCub |
Affected:
0 , ≤ 2.9
(custom)
|
Date Public
2026-04-01 16:42
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T14:38:37.573844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T14:38:50.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "dricub-driving-school",
"product": "DriCub",
"vendor": "SmartDataSoft",
"versions": [
{
"lessThanOrEqual": "2.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bonds | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:42:54.458Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft DriCub dricub-driving-school allows Server Side Request Forgery.\u003cp\u003eThis issue affects DriCub: from n/a through \u003c= 2.9.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft DriCub dricub-driving-school allows Server Side Request Forgery.This issue affects DriCub: from n/a through \u003c= 2.9."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:13:40.380Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Theme/dricub-driving-school/vulnerability/wordpress-dricub-theme-2-9-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress DriCub Theme \u003c= 2.9 - Server Side Request Forgery (SSRF) Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58005",
"datePublished": "2025-09-22T18:24:12.246Z",
"dateReserved": "2025-08-22T11:37:41.965Z",
"dateUpdated": "2026-04-28T16:13:40.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58011 (GCVE-0-2025-58011)
Vulnerability from cvelistv5 – Published: 2025-09-22 18:24 – Updated: 2026-04-28 16:13
VLAI
Title
WordPress Content Mask plugin <= 1.8.5.2 - Server Side Request Forgery (SSRF) vulnerability
Summary
Server-Side Request Forgery (SSRF) vulnerability in Alex Content Mask content-mask allows Server Side Request Forgery.This issue affects Content Mask: from n/a through <= 1.8.5.2.
Severity
6.4 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Alex | Content Mask |
Affected:
0 , ≤ 1.8.5.2
(custom)
|
Date Public
2026-04-01 16:42
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T15:40:53.060387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T17:55:19.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "content-mask",
"product": "Content Mask",
"vendor": "Alex",
"versions": [
{
"changes": [
{
"at": "1.8.5.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.8.5.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nabil Irawan | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:42:33.716Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Alex Content Mask content-mask allows Server Side Request Forgery.\u003cp\u003eThis issue affects Content Mask: from n/a through \u003c= 1.8.5.2.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in Alex Content Mask content-mask allows Server Side Request Forgery.This issue affects Content Mask: from n/a through \u003c= 1.8.5.2."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:13:40.686Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/content-mask/vulnerability/wordpress-content-mask-plugin-1-8-5-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress Content Mask plugin \u003c= 1.8.5.2 - Server Side Request Forgery (SSRF) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58011",
"datePublished": "2025-09-22T18:24:08.133Z",
"dateReserved": "2025-08-22T11:37:41.966Z",
"dateUpdated": "2026-04-28T16:13:40.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58045 (GCVE-0-2025-58045)
Vulnerability from cvelistv5 – Published: 2025-09-15 15:53 – Updated: 2025-09-15 16:37
VLAI
Title
Dataease server-side request forgery via unfiltered DB2 JDBC ldap parameter
Summary
Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12, the patch introduced to mitigate DB2 JDBC deserialization remote code execution attacks only blacklisted the rmi parameter. The ldap parameter in the DB2 JDBC connection string was not filtered, allowing attackers to exploit the DB2 JDBC connection string to trigger server-side request forgery (SSRF). In higher versions of Java, ldap deserialization (autoDeserialize) is disabled by default, preventing remote code execution, but SSRF remains exploitable. Versions up to 2.10.12 are affected. The issue is fixed in version 2.10.13. Updating to 2.10.13 or later is recommended. No known workarounds are documented aside from upgrading.
Severity
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dataease/dataease/security/adv… | x_refsource_CONFIRM |
| https://github.com/dataease/dataease/commit/77078… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58045",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-15T16:37:06.599224Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T16:37:09.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-fmq3-6xhc-r845"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "dataease",
"vendor": "dataease",
"versions": [
{
"status": "affected",
"version": "\u003c 2.10.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12, the patch introduced to mitigate DB2 JDBC deserialization remote code execution attacks only blacklisted the rmi parameter. The ldap parameter in the DB2 JDBC connection string was not filtered, allowing attackers to exploit the DB2 JDBC connection string to trigger server-side request forgery (SSRF). In higher versions of Java, ldap deserialization (autoDeserialize) is disabled by default, preventing remote code execution, but SSRF remains exploitable. Versions up to 2.10.12 are affected. The issue is fixed in version 2.10.13. Updating to 2.10.13 or later is recommended. No known workarounds are documented aside from upgrading."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T15:53:02.970Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dataease/dataease/security/advisories/GHSA-fmq3-6xhc-r845",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-fmq3-6xhc-r845"
},
{
"name": "https://github.com/dataease/dataease/commit/77078658715bd85af5867afbfd5f1fcc37cf03c8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dataease/dataease/commit/77078658715bd85af5867afbfd5f1fcc37cf03c8"
}
],
"source": {
"advisory": "GHSA-fmq3-6xhc-r845",
"discovery": "UNKNOWN"
},
"title": "Dataease server-side request forgery via unfiltered DB2 JDBC ldap parameter"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58045",
"datePublished": "2025-09-15T15:53:02.970Z",
"dateReserved": "2025-08-22T14:30:32.220Z",
"dateUpdated": "2025-09-15T16:37:09.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5817 (GCVE-0-2025-5817)
Vulnerability from cvelistv5 – Published: 2025-07-02 03:47 – Updated: 2026-04-08 16:52
VLAI
Title
Amazon Products to WooCommerce <= 1.2.7 - Unauthenticated Server-Side Request Forgery
Summary
The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2w_get_urls(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity
7.2 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| suhailahmad64 | Amazon Products to WooCommerce |
Affected:
0 , ≤ 1.2.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T13:00:36.007069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T13:18:38.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Amazon Products to WooCommerce",
"vendor": "suhailahmad64",
"versions": [
{
"lessThanOrEqual": "1.2.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ch4r0n"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2w_get_urls(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:52:16.632Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5055cf24-14c7-4533-8900-a5f4c1435201?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/import-products-to-wc/trunk/inc/urls-ajax.php#L28"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-01T14:56:35.000Z",
"value": "Disclosed"
}
],
"title": "Amazon Products to WooCommerce \u003c= 1.2.7 - Unauthenticated Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-5817",
"datePublished": "2025-07-02T03:47:24.666Z",
"dateReserved": "2025-06-06T16:38:33.740Z",
"dateUpdated": "2026-04-08T16:52:16.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58179 (GCVE-0-2025-58179)
Vulnerability from cvelistv5 – Published: 2025-09-04 23:36 – Updated: 2025-09-05 14:53
VLAI
Title
Astro Cloudflare adapter is vulnerable to Server-Side Request Forgery via /_image endpoint
Summary
Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URLs it receives, allowing content from unauthorized third-party domains to be served. a A bug in impacted versions of the @astrojs/cloudflare adapter for deployment on Cloudflare’s infrastructure, allows an attacker to bypass the third-party domain restrictions and serve any content from the vulnerable origin. This issue is fixed in version 12.6.6.
Severity
7.2 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/withastro/astro/security/advis… | x_refsource_CONFIRM |
| https://github.com/withastro/astro/commit/9ecf359… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58179",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T14:53:18.491800Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T14:53:29.299Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "astro",
"vendor": "withastro",
"versions": [
{
"status": "affected",
"version": "\u003e= 11.0.3, \u003c 12.6.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro\u0027s Cloudflare adapter. When configured with output: \u0027server\u0027 while using the default imageService: \u0027compile\u0027, the generated image optimization endpoint doesn\u0027t check the URLs it receives, allowing content from unauthorized third-party domains to be served. a A bug in impacted versions of the @astrojs/cloudflare adapter for deployment on Cloudflare\u2019s infrastructure, allows an attacker to bypass the third-party domain restrictions and serve any content from the vulnerable origin. This issue is fixed in version 12.6.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T23:36:44.393Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/withastro/astro/security/advisories/GHSA-qpr4-c339-7vq8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/withastro/astro/security/advisories/GHSA-qpr4-c339-7vq8"
},
{
"name": "https://github.com/withastro/astro/commit/9ecf3598e2b29dd74614328fde3047ea90e67252",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/withastro/astro/commit/9ecf3598e2b29dd74614328fde3047ea90e67252"
}
],
"source": {
"advisory": "GHSA-qpr4-c339-7vq8",
"discovery": "UNKNOWN"
},
"title": "Astro Cloudflare adapter is vulnerable to Server-Side Request Forgery via /_image endpoint"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58179",
"datePublished": "2025-09-04T23:36:44.393Z",
"dateReserved": "2025-08-27T13:34:56.190Z",
"dateUpdated": "2025-09-05T14:53:29.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5818 (GCVE-0-2025-5818)
Vulnerability from cvelistv5 – Published: 2025-07-23 02:24 – Updated: 2026-04-08 16:58
VLAI
Title
Featured Image Plus – Quick & Bulk Edit with Unsplash <= 1.6.6 - Authenticated (Admin+) Server-Side Request Forgery
Summary
The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.6 via the fip_get_image_options() function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity
5.5 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| krasenslavov | Featured Image Plus – Bulk Edit Featured Images, Unsplash & Alt Text Manager |
Affected:
0 , ≤ 1.6.6
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T15:52:11.437162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T15:57:40.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Featured Image Plus \u2013 Bulk Edit Featured Images, Unsplash \u0026 Alt Text Manager",
"vendor": "krasenslavov",
"versions": [
{
"lessThanOrEqual": "1.6.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ch4r0n"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Featured Image Plus \u2013 Quick \u0026 Bulk Edit with Unsplash plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.6 via the fip_get_image_options() function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:58:34.735Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6904f168-e06f-4f17-905b-a943a39dfbdb?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/featured-image-plus/trunk/inc/admin/block-editor/block-editor-actions.php#L166"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3331831%40featured-image-plus\u0026new=3331831%40featured-image-plus\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-22T14:05:14.000Z",
"value": "Disclosed"
}
],
"title": "Featured Image Plus \u2013 Quick \u0026 Bulk Edit with Unsplash \u003c= 1.6.6 - Authenticated (Admin+) Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-5818",
"datePublished": "2025-07-23T02:24:38.208Z",
"dateReserved": "2025-06-06T16:49:08.190Z",
"dateUpdated": "2026-04-08T16:58:34.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58203 (GCVE-0-2025-58203)
Vulnerability from cvelistv5 – Published: 2025-08-27 17:45 – Updated: 2026-05-12 00:36
VLAI
Title
WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability
Summary
Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through <= 1.3.2.
Severity
4.4 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| solacewp | Solace Extra |
Affected:
0 , ≤ 1.3.2
(custom)
|
Date Public
2026-04-01 16:42
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-27T18:26:28.494680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T00:36:03.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "solace-extra",
"product": "Solace Extra",
"vendor": "solacewp",
"versions": [
{
"changes": [
{
"at": "1.3.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Que Thanh Tuan | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:42:24.339Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.\u003cp\u003eThis issue affects Solace Extra: from n/a through \u003c= 1.3.2.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra solace-extra allows Server Side Request Forgery.This issue affects Solace Extra: from n/a through \u003c= 1.3.2."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:13:41.710Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/solace-extra/vulnerability/wordpress-solace-extra-plugin-1-3-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress Solace Extra Plugin \u003c= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58203",
"datePublished": "2025-08-27T17:45:44.499Z",
"dateReserved": "2025-08-27T16:19:10.125Z",
"dateUpdated": "2026-05-12T00:36:03.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58441 (GCVE-0-2025-58441)
Vulnerability from cvelistv5 – Published: 2026-01-07 17:16 – Updated: 2026-01-07 18:21
VLAI
Title
Knowage is vulnerable to blind server-side request forgery (SSRF)
Summary
Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of this vulnerability is limited. However, an attacker should be able to leverage this vulnerability to scan the internal network. This issue has been patched in version 8.1.37.
Severity
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/KnowageLabs/Knowage-Server/sec… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| KnowageLabs | Knowage-Server |
Affected:
< 8.1.37
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58441",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T18:21:07.463217Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T18:21:35.951Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Knowage-Server",
"vendor": "KnowageLabs",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.37"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of this vulnerability is limited. However, an attacker should be able to leverage this vulnerability to scan the internal network. This issue has been patched in version 8.1.37."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:16:44.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-m6x8-wh9v-6jxp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-m6x8-wh9v-6jxp"
}
],
"source": {
"advisory": "GHSA-m6x8-wh9v-6jxp",
"discovery": "UNKNOWN"
},
"title": "Knowage is vulnerable to blind server-side request forgery (SSRF)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58441",
"datePublished": "2026-01-07T17:16:44.798Z",
"dateReserved": "2025-09-01T20:03:06.532Z",
"dateUpdated": "2026-01-07T18:21:35.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58615 (GCVE-0-2025-58615)
Vulnerability from cvelistv5 – Published: 2025-09-03 14:36 – Updated: 2026-05-12 00:39
VLAI
Title
WordPress WP Bannerize Pro Plugin <= 1.10.0 - Server Side Request Forgery (SSRF) Vulnerability
Summary
Server-Side Request Forgery (SSRF) vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Server Side Request Forgery.This issue affects WP Bannerize Pro: from n/a through <= 1.10.0.
Severity
4.4 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| gfazioli | WP Bannerize Pro |
Affected:
0 , ≤ 1.10.0
(custom)
|
Date Public
2026-04-01 16:42
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58615",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:37:11.846987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T00:39:50.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-bannerize-pro",
"product": "WP Bannerize Pro",
"vendor": "gfazioli",
"versions": [
{
"changes": [
{
"at": "1.11.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.10.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nabil Irawan | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:42:39.814Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-Side Request Forgery (SSRF) vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Server Side Request Forgery.\u003cp\u003eThis issue affects WP Bannerize Pro: from n/a through \u003c= 1.10.0.\u003c/p\u003e"
}
],
"value": "Server-Side Request Forgery (SSRF) vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Server Side Request Forgery.This issue affects WP Bannerize Pro: from n/a through \u003c= 1.10.0."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:13:44.223Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-bannerize-pro/vulnerability/wordpress-wp-bannerize-pro-plugin-1-10-0-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress WP Bannerize Pro Plugin \u003c= 1.10.0 - Server Side Request Forgery (SSRF) Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58615",
"datePublished": "2025-09-03T14:36:47.587Z",
"dateReserved": "2025-09-03T09:02:47.357Z",
"dateUpdated": "2026-05-12T00:39:50.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
No mitigation information available for this CWE.
CAPEC-664: Server Side Request Forgery
An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.