
55970 matches found

CVE
added 2026/02/04 8:40 p.m., 15 views

CVE-2026-25511

Group-Office is vulnerable to SSRF and file read through the WOPI service discovery URL. An authenticated user in the System Administrator group can trigger SSRF to access internal hosts/ports, with the SSRF response exfiltrated via the built-in debug system, effectively enabling full server-side...

8.2 CVSS, 5.4 AI score, 0.00396 EPSS
Exploits: 1, References: 2, Affected Software: 1
NVD
added 2026/02/04 6:16 p.m., 9 views

CVE-2026-22247

GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform an SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...

9.1 CVSS, 0.00317 EPSS
Exploits: 0, References: 2
Cvelist
added 2026/02/04 5:10 p.m., 29 views

CVE-2026-22247 GLPI is Vulnerable to SSRF via Webhooks

GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform an SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...

4.1 CVSS, 0.00317 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2026/02/04 5:10 p.m., 3 views

CVE-2026-22247 GLPI is Vulnerable to SSRF via Webhooks

GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform an SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...

4.1 CVSS, 5.3 AI score, 0.00317 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2026/02/04 1:20 p.m., 6 views

CVE-2026-1447

The Mail Mint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19.2. This is due to missing nonce validation on the createorupdatenote function. This makes it possible for unauthenticated attackers to create or update contact notes via a...

5.4 CVSS, 5.3 AI score, 0.00162 EPSS
Exploits: 0, References: 1
Nuclei
added 2026/02/04 7:0 a.m., 12 views

Ditty < 3.1.58 - Server-Side Request Forgery

The plugin lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs. v3.1.57 attempted to fix the issue with a nonce check; however, any authenticated user, such as a subscriber, can retrieve it. id:...

8.6 CVSS, 6.9 AI score, 0.16399 EPSS
Exploits: 1, References: 3
EUVD
added 2026/02/04 12:2 a.m., 4 views

EUVD-2026-5356

A vulnerability was identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. This affects an unknown part. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. This product...

5.3 CVSS, 4.8 AI score, 0.00194 EPSS
Exploits: 0, References: 4
CNNVD
added 2026/02/04 12:0 a.m., 6 views

Group Office Code Issue Vulnerability

Group Office is a modular office suite developed by the Dutch company Group Office. Versions of Group Office prior to 6.8.150, 25.0.82, and 26.0.5 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgery in the WOPI service discovery URL, which could lead to...

8.2 CVSS, 5.9 AI score, 0.00396 EPSS
Exploits: 1, References: 2
Packet Storm
added 2026/02/04 12:0 a.m., 265 views

mPDF 8.1.0 Server-Side Request Forgery / Local File Disclosure / DoS

mPDF version 8.1.0 is vulnerable to multiple security issues related to unsafe handling of external resources, file paths, and image content during HTML-to-PDF rendering. When untrusted or partially trusted HTML input is processed, attackers may exploit insufficient validation to trigger...

5.6 AI score
Exploits: 0
NVD
added 2026/02/03 10:16 p.m., 12 views

CVE-2026-25151

Qwik is a performance focused javascript framework. Prior to version 1.19.0, Qwik City’s server-side request handler inconsistently interprets HTTP request headers, which can be abused by a remote attacker to circumvent form submission CSRF protections using specially crafted or multi-valued...

5.9 CVSS, 0.00159 EPSS
Exploits: 0, References: 2
ATTACKERKB
added 2026/02/03 9:12 p.m., 4 views

CVE-2026-25151

Qwik is a performance focused javascript framework. Prior to version 1.19.0, Qwik City’s server-side request handler inconsistently interprets HTTP request headers, which can be abused by a remote attacker to circumvent form submission CSRF protections using specially crafted or multi-valued...

5.9 CVSS, 5.5 AI score, 0.00159 EPSS
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2026/02/03 8:30 p.m., 7 views

GO-2026-4347 SiYuan vulnerable to Arbitrary file Read / SSRF in github.com/siyuan-note/siyuan/kernel

SiYuan vulnerable to Arbitrary file Read / SSRF in github.com/siyuan-note/siyuan/kernel...

8.8 CVSS, 5.3 AI score, 0.00522 EPSS
Exploits: 1, References: 7
OSV
added 2026/02/03 8:30 p.m., 2 views

GO-2026-4345 Mailpit has a Server-Side Request Forgery (SSRF) via HTML Check API in github.com/axllent/mailpit

Mailpit has a Server-Side Request Forgery (SSRF) via HTML Check API in github.com/axllent/mailpit...

7.5 CVSS, 5.2 AI score, 0.00396 EPSS
Exploits: 1, References: 4
NVD
added 2026/02/03 6:16 p.m., 7 views

CVE-2025-46651

Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vulnerability in the URL upload feature. Due to insufficient validation of user-supplied URLs, an attacker can send crafted requests to localhost by using http://www.127.0.0.1.example.com/ or a similarly constructed domain...

4.3 CVSS, 0.00255 EPSS
Exploits: 0, References: 2
Patchstack
added 2026/02/03 3:18 p.m., 6 views

WordPress Royal Elementor Addons and Templates plugin <= 1.3.87 - Cross-Site Request Forgery via remove_from_wishlist vulnerability

Cross-Site Request Forgery via remove_from_wishlist vulnerability discovered by Francesco Carlucci in WordPress Plugin Royal Elementor Addons versions <= 1.3.87...

4.3 CVSS, 5.3 AI score, 0.00208 EPSS
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2026/02/03 3:16 p.m., 9 views

CVE-2026-24961

Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Server Side Request Forgery. This issue affects Grand Blog: from n/a through 3.1.5...

5.4 CVSS, 0.00168 EPSS
Exploits: 0, References: 1
EUVD
added 2026/02/03 2:8 p.m., 9 views

EUVD-2026-5308

Cross-Site Request Forgery (CSRF) vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery. This issue affects ThirstyAffiliates: from n/a through <= 3.11.9...

5.4 CVSS, 5.3 AI score, 0.00095 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2026/02/03 2:8 p.m., 1 views

CVE-2026-25015 WordPress UsersWP plugin <= 1.2.53 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery. This issue affects UsersWP: from n/a through <= 1.2.53...

4.3 CVSS, 5.3 AI score, 0.00124 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2026/02/03 2:8 p.m., 2 views

CVE-2026-25015

Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery. This issue affects UsersWP: from n/a through <= 1.2.53...

5.3 AI score, 0.00124 EPSS
Exploits: 0, References: 2
EUVD
added 2026/02/03 2:8 p.m., 4 views

EUVD-2026-5248

Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import simple-membership-wp-user-import allows Cross Site Request Forgery. This issue affects Simple Membership WP user Import: from n/a through <= 1.9.1...

5.4 CVSS, 5.3 AI score, 0.00095 EPSS
Exploits: 0, References: 1