PT-2025-54458

Name of the Vulnerable Software and Affected Versions Cowrie versions prior to 2.9.0 Description Cowrie versions before 2.9.0 have a server-side request forgery SSRF issue in the emulated shell implementations of wget and curl. The default configuration allows these commands to make real outbound...

PT-2025-54377

Cross-Site Request Forgery CSRF vulnerability in MERGADO Mergado Pack allows Cross Site Request Forgery.This issue affects Mergado Pack: from n/a through 4.2.0...

WordPress plugin OpenHook 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

CVE-2022-50804 JM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery (CSRF) Vulnerability

JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to cross-site request forgery CSRF attacks, allowing attackers to perform administrative actions on behalf of authenticated users without their knowledge or consent...

CVE-2025-69206

Hemmelig is a messing app with with client-side encryption and self-destructing messages. Prior to version 7.3.3, a Server-Side Request Forgery SSRF filter bypass vulnerability exists in the webhook URL validation of the Secret Requests feature. The application attempts to block internal/private ...

EUVD-2025-205805

Cross-Site Request Forgery CSRF vulnerability in ConoHa by GMO WING WordPress Migrator allows Upload a Web Shell to a Web Server.This issue affects WING WordPress Migrator: from n/a through 1.1.9...

CVE-2025-52835

Technical details for CVE-2025-52835 are not provided in the supplied documents. No confirmation of affected products, impact, or fixes is available here; please monitor for updates from official advisories.

EUVD-2025-205810

Cross-Site Request Forgery CSRF vulnerability in Merv Barrett Import into Easy Property Listings allows Cross Site Request Forgery.This issue affects Import into Easy Property Listings: from n/a through 2.2.1...

CVE-2025-62112

CVE-2025-62112 is a CSRF vulnerability in Import into Easy Property Listings (easy-property-listings-xml-csv-import) affecting versions from n/a up to and including 2.2.1. The connected documents do not provide technical details on root cause, impact, exploit steps, or remediation. No public patc...

EUVD-2025-205730

Server-Side Request Forgery SSRF vulnerability in Youzify Youzify youzify allows Server Side Request Forgery.This issue affects Youzify: from n/a through = 1.3.5...

EUVD-2025-205723

Cross-Site Request Forgery CSRF vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site Request Forgery.This issue affects Popup box: from n/a through = 6.0.7...

CVE-2025-69021

Cross-Site Request Forgery CSRF vulnerability in Ays Pro Popup box ays-popup-box allows Cross Site Request Forgery.This issue affects Popup box: from n/a through = 6.0.7...

CVE-2025-69014

CVE-2025-69014 : Youzify (WordPress plugin) is affected up to version 1.3.5 by a Server-Side Request Forgery (SSRF). The entry indicates the issue is exploitable via network access, requires HIGH privileges, and involves no user interaction, with confidentiality impact rated High. The Wordfence s...

GO-2025-4254 Mattermost has CSRF vulnerability via Calls Widget page in github.com/mattermost/mattermost-plugin-calls

Mattermost has CSRF vulnerability via Calls Widget page in github.com/mattermost/mattermost-plugin-calls...

PT-2025-53887

Name of the Vulnerable Software and Affected Versions Heateor Social Login versions through 1.1.39 Description The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of authenticated users without their knowledge. Recommendatio...

PT-2025-53895

Name of the Vulnerable Software and Affected Versions Youzify versions through 1.3.5 Description The software contains a Server-Side Request Forgery SSRF flaw. This allows for Server Side Request Forgery. Recommendations Update Youzify to a version later than 1.3.5...

PT-2025-53902

Name of the Vulnerable Software and Affected Versions Ays Pro Popup box versions through 6.0.7 Description A Cross-Site Request Forgery issue exists in Ays Pro Popup box. This allows attackers to perform actions on behalf of an unsuspecting user. The issue affects the Popup box component...

CVE-2024-25181

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...

CVE-2025-68893

Server-Side Request Forgery SSRF vulnerability in HETWORKS WordPress Image shrinker wp-image-shrinker allows Server Side Request Forgery.This issue affects WordPress Image shrinker: from n/a through = 1.1.0...

CVE-2025-68893 WordPress WordPress Image shrinker plugin <= 1.1.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in HETWORKS WordPress Image shrinker wp-image-shrinker allows Server Side Request Forgery.This issue affects WordPress Image shrinker: from n/a through = 1.1.0...