CVE-2025-10137

The Snow Monkey theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 29.1.5 via the request function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

CVE-2025-10137

The Snow Monkey theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 29.1.5 via the request function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

CVE-2025-10137

The Snow Monkey theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 29.1.5 via the request function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

PT-2025-39515

Name of the Vulnerable Software and Affected Versions Snow Monkey versions prior to 29.1.6 Description The Snow Monkey theme for WordPress is susceptible to Server-Side Request Forgery SSRF in all versions up to and including 29.1.5. This flaw resides within the request function and allows...

WordPress Snow Monkey Theme 29.1.5 is vulnerable to Server Side Request Forgery (SSRF)

Software Snow Monkey Type Theme Vulnerable versions 29.1.5 Fixed in 29.1.6 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2025-10137 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 607b6876f535 Credits elmore Required privilege...