
7289 matches found

CVE
added 2025/12/31 4:02 a.m. | 10 views

CVE-2025-15373

CVE-2025-15373 affects EyouCMS up to version 1.7.7. The issue is in the saveRemote function of application/function.php and allows server-side request forgery. The exploit has been disclosed publicly and may be used, and the attack can be launched remotely. Vendors acknowledge the vulnerability and plan a fi...

CVSS 6.5 | AI score 6.4 | EPSS 0.0022
Exploits: 1 | References: 5 | Affected Software: 1
Patchstack
added 2025/12/31 12:00 a.m. | 5 views

WordPress Starter Templates by FancyWP plugin <= 2.0.0 - Unauthenticated Blind Server-Side Request Forgery vulnerability

Unauthenticated Blind Server-Side Request Forgery vulnerability discovered by Francesco Carlucci in WordPress Plugin Starter Templates by FancyWP versions <= 2.0.0...

CVSS 9.1 | AI score 5.3 | EPSS 0.00397
Exploits: 0 | References: 1 | Affected Software: 1
Patchstack
added 2025/12/31 12:00 a.m. | 4 views

WordPress Eventin plugin <= 4.0.37 - Unauthenticated Server-Side Request Forgery vulnerability

Unauthenticated Server-Side Request Forgery vulnerability discovered by Gai Tanaka 63n0 in WordPress Plugin Eventin versions <= 4.0.37...

CVSS 7.2 | AI score 5.5 | EPSS 0.00274
Exploits: 0 | References: 1 | Affected Software: 1
Patchstack
added 2025/12/31 12:00 a.m. | 6 views

WordPress Shortcodes Ultimate plugin <= 7.4.5 - Authenticated (Administrator+) Server-Side Request Forgery vulnerability

Authenticated (Administrator+) Server-Side Request Forgery vulnerability discovered by apolo2 in WordPress Plugin Shortcodes Ultimate versions <= 7.4.5...

CVSS 6.4 | AI score 5.9 | EPSS 0.00162
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2025/12/31 12:00 a.m. | 5 views

WordPress plugin WordPress & WooCommerce Scraper Plugin, Import Data from Any Site Code Issue Vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. WordPress plugin...

CVSS 5.4 | AI score 6.8 | EPSS 0.00174
Exploits: 0 | References: 1
Positive Technologies
added 2025/12/31 12:00 a.m. | 3 views

PT-2025-54271

A security vulnerability has been detected in EyouCMS up to 1.7.7. Impacted is the function saveRemote of the file application/function.php. Such manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be use...

CVSS 6.5 | AI score 6.6 | EPSS 0.0022
Exploits: 1 | References: 6
CNNVD
added 2025/12/31 12:00 a.m. | 3 views

EyouCMS Security Vulnerability

EyouCMS is an open source content management system (CMS) based on ThinkPHP by China Eyou Eyou. A security vulnerability exists in EyouCMS 1.7.7 and earlier versions, which stems from a misuse of the function saveRemote in the file application/function.php, which could lead to server-side request...

CVSS 6.5 | AI score 6.4 | EPSS 0.0022
Exploits: 1 | References: 5
CNNVD
added 2025/12/31 12:00 a.m. | 3 views

Cowrie Security Vulnerability

Cowrie is an open source honeypot software from Cowrie. A security vulnerability exists in Cowrie versions prior to 2.9.0, which stems from a server-side request forgery in the simulated shell implementation that could lead to a denial-of-service amplification attack...

CVSS 7.5 | AI score 5.8 | EPSS 0.00616
Exploits: 1 | References: 5
EUVD
added 2025/12/30 9:30 p.m. | 5 views

EUVD-2025-205850

A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthumb.php of the component TimThumb. Executing manipulation of the argument src can lead to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVSS 7.5 | AI score 6.1 | EPSS 0.00346
Exploits: 0 | References: 4
Snyk
added 2025/12/30 7:41 p.m. | 3 views

Server-side Request Forgery (SSRF)

Overview: feehi/cms is a Feehi CMS project template. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the TimThumb component in the timthumb.php file. An attacker can access internal resources or perform unauthorized requests by manipulating the src argument...

CVSS 7.5 | AI score 6.8 | EPSS 0.00346
Exploits: 0 | References: 2
NVD
added 2025/12/30 7:15 p.m. | 6 views

CVE-2025-15264

A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthumb.php of the component TimThumb. Executing manipulation of the argument src can lead to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVSS 7.5 | EPSS 0.00346
Exploits: 0 | References: 3
OSV
added 2025/12/30 7:15 p.m. | 3 views

CVE-2025-15264

A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthumb.php of the component TimThumb. Executing manipulation of the argument src can lead to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVSS 7.3 | AI score 6.6
Exploits: 0 | References: 3
Vulnrichment
added 2025/12/30 7:02 p.m. | 4 views

CVE-2025-15264 FeehiCMS TimThumb timthumb.php server-side request forgery

A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthumb.php of the component TimThumb. Executing manipulation of the argument src can lead to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVSS 7.5 | AI score 6.3 | EPSS 0.00346
Exploits: 0 | References: 3
Cvelist
added 2025/12/30 7:02 p.m. | 24 views

CVE-2025-15264 FeehiCMS TimThumb timthumb.php server-side request forgery

A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthumb.php of the component TimThumb. Executing manipulation of the argument src can lead to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVSS 7.5 | EPSS 0.00346
Exploits: 0 | References: 3
CVE
added 2025/12/30 7:02 p.m. | 11 views

CVE-2025-15264

CVE-2025-15264 affects FeehiCMS (up to v2.1.1) via the TimThumb component in frontend/web/timthumb.php. The vulnerability arises from manipulating the src argument, enabling server-side request forgery (SSRF) and potentially allowing remote exploitation. Public disclosures of the exploit exist; t...

CVSS 7.5 | AI score 6.3 | EPSS 0.00346
Exploits: 0 | References: 3 | Affected Software: 1
Patchstack
added 2025/12/30 12:13 p.m. | 6 views

WordPress Electrician - Electrical Service WordPress theme <= 5.6 - Server Side Request Forgery (SSRF) vulnerability

WordPress Electrician - Electrical Service WordPress theme <= 5.6 - Server Side Request Forgery (SSRF) vulnerability discovered by Bonds in WordPress Theme Electrician - Electrical Service WordPress versions <= 5.6...

CVSS 5.4 | AI score 7.1 | EPSS 0.00171
Exploits: 0 | Affected Software: 1
NVD
added 2025/12/30 11:15 a.m. | 3 views

CVE-2025-69014

Server-Side Request Forgery (SSRF) vulnerability in Youzify Youzify youzify allows Server Side Request Forgery. This issue affects Youzify: from n/a through <= 1.3.7...

CVSS 4.9 | EPSS 0.00141
Exploits: 0 | References: 1
Cvelist
added 2025/12/30 10:47 a.m. | 35 views

CVE-2025-69014 WordPress Youzify plugin <= 1.3.7 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Youzify Youzify youzify allows Server Side Request Forgery. This issue affects Youzify: from n/a through <= 1.3.7...

CVSS 4.9 | EPSS 0.00141
Exploits: 0 | References: 1
Vulnrichment
added 2025/12/30 10:47 a.m. | 3 views

CVE-2025-69014 WordPress Youzify plugin <= 1.3.7 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Youzify Youzify youzify allows Server Side Request Forgery. This issue affects Youzify: from n/a through <= 1.3.7...

CVSS 4.9 | AI score 5.9 | EPSS 0.00141
Exploits: 0 | References: 1
RedhatCVE
added 2025/12/30 1:02 a.m. | 11 views

CVE-2024-25181

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file...

CVSS 9.1 | AI score 7.2 | EPSS 0.0025
Exploits: 0 | References: 1