Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1540

1540 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CWE-918, Server-Side Request Forgery, is a critical web security weakness where an application allows users to specify URLs that the server subsequently fetches without adequate validation. Attackers typically exploit this by manipulating input parameters to force the server to access internal resources, such as cloud metadata services or local network endpoints, which are otherwise inaccessible from the outside. This bypasses perimeter defenses, potentially leading to sensitive data exposure or internal network reconnaissance. To mitigate SSRF, developers must implement strict input validation, ensuring that only whitelisted domains and protocols are permitted. Additionally, employing network-level controls like firewalls to restrict outbound connections from the application server and isolating internal services from public-facing interfaces significantly reduces the attack surface, preventing unauthorized internal access.

MITRE CWE Description
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Common Consequences (3)
ConfidentialityRead Application Data
IntegrityExecute Unauthorized Code or Commands
Access ControlBypass Protection Mechanism
By providing URLs to unexpected hosts or ports, attackers can make it appear that the server is sending the request, possibly bypassing access controls such as firewalls that prevent the attackers from accessing the URLs directly. The server can be used as a proxy to conduct port scanning of hosts i…
Examples (1)
This code intends to receive a URL from a user, access the URL, and return the results to the user.
$url = $_GET['url']; # User-controlled input # Fetch the content of the provided URL $response = file_get_contents($url); echo $response;
Bad · PHP
# Define allowed URLs (or domains) $allowed_urls = [ 'https://example.com/data.json', 'https://api.example.com/info', ]; # Get the user-provided URL $url = $_GET['url'] ?? ''; # Validate against allowed URLs if (!in_array($url, $allowed_urls)) { http_response_code(400); echo "Invalid or unauthorized URL."; exit; } # Fetch content safely $response = @file_get_contents($url); if ($response === false) { http_response_code(500); echo "Failed to fetch content."; exit; } echo htmlspecialchars($response); # Escape output for safety
Good · PHP
CVE IDTitleCVSSSeverityPublished
CVE-2025-30964 WordPress Photography theme < 7.7.6 - Server Side Request Forgery (SSRF) vulnerability — Photography 5.4 Medium2025-04-15
CVE-2025-26990 WordPress Royal Elementor Addons plugin <= 1.7.1006 - Server Side Request Forgery (SSRF) vulnerability — Royal Elementor Addons 4.4 Medium2025-04-15
CVE-2025-32102 CrushFTP 安全漏洞 — CrushFTP 5.0 Medium2025-04-15
CVE-2025-31490 AutoGPT allows SSRF due to DNS Rebinding in requests wrapper — AutoGPT 7.5 High2025-04-14
CVE-2025-3572 INTUMIT SmartRobot - Server-Side Request Forgery — SmartRobot 7.5 High2025-04-14
CVE-2025-22374 SSRF in CyberAudit-Web videx-legacy-ssl — CyberAudit-Web 9.8AICriticalAI2025-04-10
CVE-2025-31009 WordPress IndieBlocks plugin <= 0.13.1 - Server Side Request Forgery (SSRF) Vulnerability — IndieBlocks 5.4 Medium2025-04-09
CVE-2025-32487 WordPress Waymark plugin <= 1.5.2 - Server Side Request Forgery (SSRF) Vulnerability — Waymark 4.9 Medium2025-04-09
CVE-2025-32675 WordPress SEO Help plugin <= 6.7.9 - Server Side Request Forgery (SSRF) vulnerability — SEO Help 6.8 Medium2025-04-09
CVE-2025-32691 WordPress PowerPress Podcasting plugin <= 11.12.6 - Server Side Request Forgery (SSRF) Vulnerability — PowerPress Podcasting 4.9 Medium2025-04-09
CVE-2025-32372 Server-Side Request Forgery (SSRF) in DotNetNuke.Core — Dnn.Platform 6.5 Medium2025-04-09
CVE-2025-3412 mymagicpower AIAS InferController.java server-side request forgery — AIAS 6.3 Medium2025-04-08
CVE-2025-3411 mymagicpower AIAS AsrController.java server-side request forgery — AIAS 6.3 Medium2025-04-08
CVE-2025-32013 Server-Side Request Forgery via LNURL Authentication Callback in LNbits Lightning Network Payment System — lnbits 7.5AIHighAI2025-04-06
CVE-2025-32358 Zammad 安全漏洞 — Zammad 4.0 Medium2025-04-05
CVE-2025-3254 xujiangfei admintwo add server-side request forgery — admintwo 6.3 Medium2025-04-04
CVE-2025-2245 Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646) — GravityZone Update Server 9.1AICriticalAI2025-04-04
CVE-2025-2243 SSRF in GravityZone Console via DNS Truncation (VA-12634) — GravityZone Console 9.8AICriticalAI2025-04-04
CVE-2025-3192 Browsershot 安全漏洞 — spatie/browsershot 8.2 High2025-04-04
CVE-2025-31824 WordPress WP Optin Wheel Plugin <= 1.4.7 - Server Side Request Forgery (SSRF) vulnerability — WP Optin Wheel 5.4 Medium2025-04-01
CVE-2025-31796 WordPress ElementsCSS Addons for Elementor plugin <= 1.0.8.9 - Server Side Request Forgery (SSRF) vulnerability — ElementsCSS Addons for Elementor 5.4 Medium2025-04-01
CVE-2025-31117 OpenEMR Out-of-Band Server-Side Request Forgery (OOB SSRF) Vulnerability — openemr 7.5 -2025-03-31
CVE-2025-31116 Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding — Mobile-Security-Framework-MobSF 4.4 Medium2025-03-31
CVE-2025-2997 zhangyanbo2007 youkefu url server-side request forgery — youkefu 6.3 Medium2025-03-31
CVE-2025-31527 WordPress WP Link Preview plugin <= 1.4.1 - Server Side Request Forgery (SSRF) vulnerability — WP Link Preview 6.4 Medium2025-03-31
CVE-2025-31076 WordPress WP Compress for MainWP plugin <= 6.30.03 - Server Side Request Forgery (SSRF) vulnerability — WP Compress for MainWP 4.9 Medium2025-03-28
CVE-2024-48944 Apache Kylin: SSRF vulnerability in the diagnosis api — Apache Kylin 4.4AIMediumAI2025-03-27
CVE-2025-22672 WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability — Video & Photo Gallery for Ultimate Member 4.9 Medium2025-03-27
CVE-2025-30914 WordPress Metform Elementor Contact Form Builder plugin <= 3.9.7 - Server Side Request Forgery (SSRF) vulnerability — Metform 4.4 Medium2025-03-27
CVE-2025-2835 zhangyd-c OneBlog RestApiController.java autoLink server-side request forgery — OneBlog 4.3 Medium2025-03-27

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1540 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.