7229 matches found
CVE-2025-53241
Server-Side Request Forgery (SSRF) vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery. This issue affects Simplified: from n/a through <= 1.0.11...
CVE-2025-53760
Server-side request forgery (SSRF) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...
CVE-2025-53241 WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery. This issue affects Simplified: from n/a through <= 1.0.11...
CVE-2025-20148
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An...
CVE-2025-20148 Cisco Secure Firewall Management Center HTML Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An...
CVE-2025-20148
CVE-2025-20148 affects Cisco Secure Firewall Management Center (FMC) Web UI. The flaw arises from improper validation of user-supplied data, enabling an authenticated attacker (requires at least a Security Analyst, Read Only) to inject arbitrary HTML into device-generated documents. Consequences ...
WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery (SSRF) vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin Simplified versions <= 1.0.11...
CVE-2025-28987
Server-Side Request Forgery (SSRF) vulnerability in PressForward PressForward pressforward allows Server Side Request Forgery. This issue affects PressForward: from n/a through <= 5.9.5...
CVE-2025-28987
CVE-2025-28987 affects the WordPress plugin PressForward (versions up to 5.9.1 as stated in multiple sources). The vulnerability is a Server-Side Request Forgery (SSRF) issue with a CVSS v3.1 base score of 6.4 (Medium); impact is limited to confidentiality/integrity and no impact on availability ...
CVE-2025-28987 WordPress PressForward <= 5.9.4 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in PressForward PressForward pressforward allows Server Side Request Forgery. This issue affects PressForward: from n/a through <= 5.9.5...
CVE-2025-28987 WordPress PressForward <= 5.9.1 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery (SSRF) vulnerability in PressForward PressForward allows Server Side Request Forgery. This issue affects PressForward: from n/a through 5.9.1...
Vulnerabilities fixed in Xerox FreeFlow Core
Xerox has fixed vulnerabilities in Xerox FreeFlow Core. The vulnerabilities include a Path Traversal vulnerability that can be exploited by attackers to gain access to unauthorized files, leading to Remote Code Execution (RCE). There is also a vulnerability due to improper processing of XML input,...
CVE-2025-7622
During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered...
PT-2025-33369 · Unknown · Kodeshpa Simplified
Name of the Vulnerable Software and Affected Versions: kodeshpa Simplified versions n/a through 1.0.9. Description: A Server-Side Request Forgery (SSRF) vulnerability exists in kodeshpa Simplified. This issue allows for Server Side Request Forgery. Recommendations: Update kodeshpa Simplified to a...
WordPress plugin PressForward code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...
PT-2025-33316 · Cisco · Cisco Secure Firewall Management Center (Fmc)
Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center (FMC) Software, affected versions not specified. Description: A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remo...
CVE-2025-55161
Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the `/api/v1/convert/markdown/pdf` endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...
CVE-2025-55151
Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, the "convert file to pdf" functionality (`/api/v1/convert/file/pdf`) uses LibreOffice's unoconvert tool for conversion, and SSRF vulnerabilities exist during the conversion process...