7294 matches found

Vulnrichment
added 2025/12/24 1:10 p.m. | 2 views

CVE-2025-68600 WordPress Link Library plugin <= 7.8.7 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Yannick Lefebvre Link Library link-library allows Server Side Request Forgery. This issue affects Link Library: from n/a through <= 7.8.7...

CVSS 4.9 | AI score 5.1 | EPSS 0.00119
Exploits: 0 | References: 1
Cvelist
added 2025/12/24 1:10 p.m. | 29 views

CVE-2025-68600 WordPress Link Library plugin <= 7.8.7 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Yannick Lefebvre Link Library link-library allows Server Side Request Forgery. This issue affects Link Library: from n/a through <= 7.8.7...

CVSS 4.9 | EPSS 0.00119
Exploits: 0 | References: 1
CVE
added 2025/12/24 1:10 p.m. | 9 views

CVE-2025-67623

CVE-2025-67623 is a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin 6Storage Rentals (6storage-rentals). Affected: 6Storage Rentals versions up to 2.22.0 (per NVD/CNVD/Red Hat and CVE listings). Root cause: inadequate validation/authentication enabling SSRF to internal re...

CVSS 5.4 | AI score 5.7 | EPSS 0.00163
Exploits: 0 | References: 1
Cvelist
added 2025/12/24 1:10 p.m. | 28 views

CVE-2025-67623 WordPress 6Storage Rentals plugin <= 2.22.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery. This issue affects 6Storage Rentals: from n/a through <= 2.22.0...

CVSS 5.4 | EPSS 0.00163
Exploits: 0 | References: 1
Vulnrichment
added 2025/12/24 12:31 p.m. | 2 views

CVE-2025-68500 WordPress Prime Slider – Addons For Elementor plugin <= 4.0.10 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Slider – Addons For Elementor bdthemes-prime-slider-lite allows Server Side Request Forgery. This issue affects Prime Slider – Addons For Elementor: from n/a through <= 4.0.10...

CVSS 4.9 | AI score 6.6 | EPSS 0.00154
Exploits: 0 | References: 1
Patchstack
added 2025/12/24 9:35 a.m. | 9 views

WordPress Link Library plugin <= 7.8.7 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery (SSRF) vulnerability discovered by Krissaphat Jankaew in WordPress Plugin Link Library versions <= 7.8.7...

CVSS 9.1 | AI score 5.4 | EPSS 0.00119
Exploits: 0 | Affected Software: 1
Positive Technologies
added 2025/12/24 12:00 a.m. | 4 views

PT-2025-53241

Name of the Vulnerable Software and Affected Versions: 6Storage versions prior to 2.20.0. Description: A Server-Side Request Forgery (SSRF) vulnerability exists in 6Storage Rentals. This issue allows for Server Side Request Forgery. Recommendations: Update 6Storage to version 2.20.0 or later...

CVSS 9.1 | AI score 6.7 | EPSS 0.00163
Exploits: 0 | References: 3
CNNVD
added 2025/12/24 12:00 a.m. | 3 views

WordPress plugin 6Storage Rentals security vulnerability

WordPress 6Storage Rentals plugin is a plugin designed for WordPress websites, designed to help webmasters easily manage the rental booking process for storage facilities. WordPress 6Storage Rentals plugin suffers from a server-side request forgery vulnerability, which stems from the server not...

CVSS 5.4 | AI score 6.8 | EPSS 0.00163
Exploits: 0 | References: 1
CNNVD
added 2025/12/24 12:00 a.m. | 3 views

WordPress plugin Link Library security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...

CVSS 4.9 | AI score 6.6 | EPSS 0.00119
Exploits: 0 | References: 1
Snyk
added 2025/12/23 11:54 p.m. | 3 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the path parameter when an absolute URL is provided, causing the base_uri to be ignored. An attacker can cause sensitive credentials such as API keys to be sent to unintended third-party hosts or forc...

CVSS 8.8 | AI score 6.4 | EPSS 0.0026
Exploits: 1 | References: 2
NVD
added 2025/12/23 11:15 p.m. | 6 views

CVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

CVSS 8.8 | EPSS 0.0026
Exploits: 1 | References: 2
Cvelist
added 2025/12/23 10:59 p.m. | 28 views

CVE-2025-68696 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

CVSS 8.8 | EPSS 0.0026
Exploits: 1 | References: 2
CVE
added 2025/12/23 10:59 p.m. | 32 views

CVE-2025-68696

CVE-2025-68696 affects the httparty gem (versions ≤ 0.23.2). The vulnerability is SSRF that can lead to leakage of API keys and allow third parties to issue requests to internal servers. Details across connected sources confirm the affected component (httparty), the root cause (SSRF in SSRF-prone...

CVSS 8.8 | AI score 6.5 | EPSS 0.0026
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2025/12/23 7:31 p.m. | 3 views

GHSA-HM5P-X4RQ-38W4 httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

Summary: There may be an SSRF vulnerability in httparty. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. Details: When httparty receives a path argument that is an absolute URL, it ignores the base_uri field. As a result, if ...

CVSS 8.8 | AI score 6.6 | EPSS 0.0026
Exploits: 1 | References: 5
Github Security Blog
added 2025/12/23 7:31 p.m. | 8 views

httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage

Summary: There may be an SSRF vulnerability in httparty. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. Details: When httparty receives a path argument that is an absolute URL, it ignores the base_uri field. As a result, if ...

CVSS 8.8 | AI score 6.7 | EPSS 0.0026
Exploits: 1 | References: 5 | Affected Software: 1
Veracode
added 2025/12/23 9:49 a.m. | 5 views

Server-side Request Forgery (SSRF)

Astro is vulnerable to server-side request forgery (SSRF). The vulnerability is due to improper image proxy domain validation, which allows an attacker to bypass restrictions using backslashes in the href parameter and trigger server-side requests to arbitrary URLs...

CVSS 7.2 | AI score 5.8 | EPSS 0.00293
Exploits: 1 | References: 4 | Affected Software: 1
Snyk
added 2025/12/23 1:39 a.m. | 4 views

Server-side Request Forgery (SSRF)

Overview: local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the downloadservice.py service. An attacker can access internal services and attempt ...

CVSS 9.3 | AI score 6.9 | EPSS 0.00274
Exploits: 1 | References: 2
OSV
added 2025/12/23 12:01 a.m. | 3 views

CVE-2025-67743 Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service

Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service (downloadservice.py) makes HTTP requests using raw requests.get without utilizing the application's SSRF protection (saferequests.py). This can allow...

CVSS 6.3 | AI score 6.8 | EPSS 0.00274
Exploits: 1 | References: 4
Positive Technologies
added 2025/12/23 12:00 a.m. | 4 views

PT-2025-52864

Name of the Vulnerable Software and Affected Versions: httparty versions prior to 0.23.2. Description: httparty is susceptible to a Server-Side Request Forgery (SSRF) condition in versions 0.23.2 and earlier. This issue could lead to the disclosure of API keys and enable unauthorized requests to...

CVSS 8.8 | AI score 6.3 | EPSS 0.0026
Exploits: 1 | References: 11
CNNVD
added 2025/12/23 12:00 a.m. | 3 views

httparty code issue vulnerability

httparty is a library from the individual developer John Nunemaker. A code issue vulnerability exists in httparty version 0.23.2 and earlier, which stems from the presence of a server-side request forgery vulnerability that could lead to API key disclosure or requests to an internal server...

CVSS 8.8 | AI score 6.5 | EPSS 0.0026
Exploits: 1 | References: 1