CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/09/22 7:2 a.m.•3 views

CVE-2025-10787 MuYuCMS Add Fiend Link index.html server-side request forgery

6.5CVSS6.5AI score0.00239EPSS

CVE•added 2025/09/22 7:2 a.m.•19 views

CVE-2025-10787

MuYuCMS

6.5CVSS6.3AI score0.00239EPSS

4.4CVSS6.8AI score0.00236EPSS

WordPress plugin Beaf 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

CNNVD•added 2025/09/22 12:0 a.m.•1 views

WordPress plugin Skimlinks Affiliate Marketing Tool 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

4.4CVSS6.9AI score0.00236EPSS

Positive Technologies•added 2025/09/22 12:0 a.m.•4 views

PT-2025-38724

Name of the Vulnerable Software and Affected Versions IBM webMethods Integration versions 10.15 and 11.1 Description The software is susceptible to a server-side request forgery SSRF condition. An authenticated attacker could potentially leverage this to dispatch unauthorized requests from the...

5.5CVSS6.1AI score0.00178EPSS

Positive Technologies•added 2025/09/22 12:0 a.m.•3 views

PT-2025-38694

Name of the Vulnerable Software and Affected Versions MuYuCMS versions prior to 2.7 Description A server-side request forgery condition exists in MuYuCMS. The issue is located in an unknown function within the /index/index.html file of the Add Fiend Link Handler component. Manipulation of the Lin...

6.5CVSS6.3AI score0.00239EPSS

Exploits0References7

Patchstack•added 2025/09/22 12:0 a.m.•3 views

WordPress DriCub Theme <= 2.9 is vulnerable to Server Side Request Forgery (SSRF)

Software DriCub Type Theme Vulnerable versions = 2.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Server Side Request Forgery SSRF CVE CVE-2025-58005 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 1d20e3f4bf71 Credits Bonds Required privilege Unauthenticated...

5.4CVSS6.2AI score0.00194EPSS

Exploits0References1Affected Software1

4.4CVSS6.8AI score0.00217EPSS

WordPress plugin MakeStories (for Google Web Stories) 代码问题漏洞

Positive Technologies•added 2025/09/22 12:0 a.m.•4 views

PT-2025-38834

Name of the Vulnerable Software and Affected Versions MakeStories for Google Web Stories versions through 3.0.4 Description A Server-Side Request Forgery SSRF vulnerability exists in MakeStories for Google Web Stories. This issue allows Server Side Request Forgery. The vulnerability potentially...

4.4CVSS6.7AI score0.00217EPSS

Exploits0References3

CNNVD•added 2025/09/22 12:0 a.m.•1 views

WordPress plugin DriCub 代码问题漏洞

5.4CVSS6.8AI score0.00194EPSS

Exploits0References2

CNNVD•added 2025/09/22 12:0 a.m.•1 views

WordPress plugin Publitio 代码问题漏洞

6.4CVSS6.8AI score0.00199EPSS

Exploits0References2

Positive Technologies•added 2025/09/22 12:0 a.m.•2 views

PT-2025-39026

Name of the Vulnerable Software and Affected Versions Publitio versions through 2.2.1 Description The Publitio software contains a Server-Side Request Forgery SSRF issue. This allows for Server Side Request Forgery. Recommendations Update Publitio to a version later than 2.2.1...

6.4CVSS6.7AI score0.00199EPSS

Positive Technologies•added 2025/09/22 12:0 a.m.•2 views

PT-2025-38861

Name of the Vulnerable Software and Affected Versions Alex Content Mask versions through 1.8.5.2 Description A Server-Side Request Forgery SSRF issue exists in Alex Content Mask. This allows for Server Side Request Forgery. Recommendations Update Alex Content Mask to a version later than 1.8.5.2...

6.4CVSS6.6AI score0.00193EPSS

Exploits0References3

4.4CVSS6.9AI score0.00257EPSS

WordPress plugin SEO Backlink Monitor 代码问题漏洞

6.4CVSS6.8AI score0.00193EPSS

WordPress plugin Content Mask 代码问题漏洞

CNNVD•added 2025/09/22 12:0 a.m.•3 views

MuYuCMS 安全漏洞

MuYuCMS is a lightweight open source content management system open source by MuYuCMS. A security vulnerability exists in MuYuCMS 2.7 and earlier versions, which stems from the incorrect manipulation of the parameter Link URL of the component Add Fiend Link Handler in the file /index/index.html,...

6.5CVSS6.3AI score0.00239EPSS

RedhatCVE•added 2025/09/21 7:24 p.m.•14 views

CVE-2025-26515

StorageGRID formerly StorageGRID Webscale versions prior to 11.8.0.15 and 11.9.0.8 without Single Sign-on enabled are susceptible to a Server-Side Request Forgery SSRF vulnerability. Successful exploit could allow an unauthenticated attacker to change the password of any Grid Manager or Tenant...

7.5CVSS7AI score0.00317EPSS

RedhatCVE•added 2025/09/21 3:22 p.m.•11 views

CVE-2025-59344

AliasVault is a privacy-first password manager with built-in email aliasing. A server-side request forgery SSRF vulnerability exists in the favicon extraction feature of AliasVault API versions 0.23.0 and lower. The extractor fetches a user-supplied URL, parses the returned HTML, and follows...

7.7CVSS7AI score0.00299EPSS