CVE-2026-22358 WordPress Electrician - Electrical Service WordPress theme <= 5.6 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Electrician - Electrical Service WordPress electrician allows Server Side Request Forgery.This issue affects Electrician - Electrical Service WordPress: from n/a through = 5.6...

CVE-2025-68030

Summary (CVE-2025-68030) The WordPress plugin Frontis Blocks (Frontis Blocks — Block Library for the Block Editor) is affected up to version 1.1.5. A Server-Side Request Forgery (SSRF) vulnerability exists in the frontis-blocks component, exploitable via the url parameter, enabling the SSRF issue...

CVE-2025-68030 WordPress Frontis Blocks plugin <= 1.1.5 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...

CVE-2025-68030

Server-Side Request Forgery SSRF vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through = 1.1.5...

CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...

CVE-2025-64252

CVE-2025-64252 is a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin ANAC XML Viewer (Marco Milesi) affecting ANAC XML Viewer versions up to 1.8.2. Multiple connected sources (NVD, Red Hat, CVE listing, PatchStack, PT Security) confirm the SSRF issue and indicate affected ...

CVE-2025-64252 WordPress ANAC XML Viewer plugin <= 1.8.2 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Marco Milesi ANAC XML Viewer anac-xml-viewer allows Server Side Request Forgery.This issue affects ANAC XML Viewer: from n/a through = 1.8.2...

CVE-2025-62741 WordPress Pool Services theme <= 3.3 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Pool Services pool-services allows Server Side Request Forgery.This issue affects Pool Services: from n/a through = 3.3...

CVE-2025-62741 WordPress Pool Services theme <= 3.3 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Pool Services pool-services allows Server Side Request Forgery.This issue affects Pool Services: from n/a through = 3.3...

Server-Side Request Forgery (SSRF)

github.com/axllent/mailpit is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the HTML Check feature automatically downloading remote CSS resources without proper validation, which allows an attacker to embed malicious stylesheet links in emails and trigger unauthorize...

Server-Side Request Forgery (SSRF)

github.com/axllent/mailpit is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of target addresses in the /proxy endpoint, which allows an attacker to send crafted HTTP GET requests to internal network resources and access internal services or AP...

CVE-2025-56589

The CVE-2025-56589 entry concerns the Apryse HTML2PDF SDK (versions through 11.6.0) with a vulnerability in InsertFromHtmlString() leading to Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF). The flaws could allow an attacker to read server-local files or trigger arbitrary HTTP r...

PT-2026-3996

Name of the Vulnerable Software and Affected Versions SmartDataSoft Pool Services versions through 3.3 Description A Server-Side Request Forgery SSRF issue exists in SmartDataSoft Pool Services. This allows for Server Side Request Forgery. The issue is present in pool-services. Recommendations...

CVE-2025-56589

A Local File Inclusion LFI and a Server-Side Request Forgery SSRF vulnerability was found in the InsertFromHtmlString function of the Apryse HTML2PDF SDK thru 11.6.0. These vulnerabilities could allow an attacker to read local files on the server or make arbitrary HTTP requests to internal or...

CVE-2025-56589

A Local File Inclusion LFI and a Server-Side Request Forgery SSRF vulnerability was found in the InsertFromHtmlString function of the Apryse HTML2PDF SDK thru 11.6.0. These vulnerabilities could allow an attacker to read local files on the server or make arbitrary HTTP requests to internal or...

PT-2026-4065

Name of the Vulnerable Software and Affected Versions Frontis Blocks versions through 1.1.5 Description A Server-Side Request Forgery SSRF issue exists in WP Messiah Frontis Blocks. This allows for Server Side Request Forgery. The issue impacts the frontis-blocks component. Recommendations Update...

Rekor code issue vulnerabilities

Rekor is an open-source software developed by sigstore. It provides an immutable, tamper-proof ledger for metadata generated within the software project supply chain. Versions of Rekor prior to 1.4.3 contained code vulnerabilities. These vulnerabilities stemmed from the /api/v1/index/retrieve...

WordPress plugin WPO365 has code-related vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

WordPress Plugin Pool Services code issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...