
CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class

1659 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI-generated Chinese analysis included.

CWE-918, Server-Side Request Forgery, is a critical web security weakness where an application allows users to specify URLs that the server subsequently fetches without adequate validation. Attackers typically exploit this by manipulating input parameters to force the server to access internal resources, such as cloud metadata services or local network endpoints, which are otherwise inaccessible from the outside. This bypasses perimeter defenses, potentially leading to sensitive data exposure or internal network reconnaissance. To mitigate SSRF, developers must implement strict input validation, ensuring that only whitelisted domains and protocols are permitted. Additionally, employing network-level controls like firewalls to restrict outbound connections from the application server and isolating internal services from public-facing interfaces significantly reduces the attack surface, preventing unauthorized internal access.

MITRE CWE Description
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Common Consequences (3)
- Confidentiality: Read Application Data
- Integrity: Execute Unauthorized Code or Commands
- Access Control: Bypass Protection Mechanism
By providing URLs to unexpected hosts or ports, attackers can make it appear that the server is sending the request, possibly bypassing access controls such as firewalls that prevent the attackers from accessing the URLs directly. The server can be used as a proxy to conduct port scanning of hosts i…
Examples (1)
This code intends to receive a URL from a user, access the URL, and return the results to the user.
Bad · PHP

```php
<?php
$url = $_GET['url']; # User-controlled input
# Fetch the content of the provided URL
$response = file_get_contents($url);
echo $response;
```

Good · PHP

```php
<?php
# Define allowed URLs (or domains)
$allowed_urls = [
    'https://example.com/data.json',
    'https://api.example.com/info',
];
# Get the user-provided URL
$url = $_GET['url'] ?? '';
# Validate against allowed URLs
if (!in_array($url, $allowed_urls)) {
    http_response_code(400);
    echo "Invalid or unauthorized URL.";
    exit;
}
# Fetch content safely
$response = @file_get_contents($url);
if ($response === false) {
    http_response_code(500);
    echo "Failed to fetch content.";
    exit;
}
echo htmlspecialchars($response); # Escape output for safety
```
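The exact-match allowlist above is safe but rigid. As an added example (not code from the page or from MITRE), the variant below generalizes it to a host allowlist with scheme, port and resolved-address checks; the host names and the is_safe_url() helper are assumptions.

```php
<?php
// Added example, not code from the page: a host-allowlist variant of the
// "Good" check above: any path on trusted hosts (hypothetical names), https
// only, and no host resolving to a private or reserved address.
$allowed_hosts = ['example.com', 'api.example.com'];
function is_safe_url(string $url, array $allowed_hosts): bool
{
    $parts = parse_url($url);
    if ($parts === false || empty($parts['host'])) {
        return false;
    }
    // Pin the scheme: no file://, gopher://, plain http, etc.
    if (($parts['scheme'] ?? '') !== 'https') {
        return false;
    }
    // Reject URLs that carry credentials or a non-default port.
    if (isset($parts['user']) || isset($parts['pass'])
        || (isset($parts['port']) && $parts['port'] !== 443)) {
        return false;
    }
    // Exact, case-insensitive host match against the allowlist.
    $host = strtolower($parts['host']);
    if (!in_array($host, $allowed_hosts, true)) {
        return false;
    }
    // Resolve the name and refuse every answer in a private or reserved
    // range (IPv4 only: gethostbynamel() returns no AAAA records).
    $ips = gethostbynamel($host);
    if ($ips === false) {
        return false;
    }
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    foreach ($ips as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
            return false;
        }
    }
    return true;
}
$url = $_GET['url'] ?? '';
if (!is_safe_url($url, $allowed_hosts)) {
    http_response_code(400);
    echo "Invalid or unauthorized URL.";
    exit;
}
// Do not follow redirects, so the fetch cannot be moved off the allowlisted host.
$ctx = stream_context_create(['http' => ['follow_location' => 0, 'timeout' => 5]]);
$response = @file_get_contents($url, false, $ctx);
echo $response === false ? 'Failed to fetch content.' : htmlspecialchars($response);
```

The resolution check and the fetch are two separate DNS lookups, so a name whose answer changes between them (DNS rebinding) can still slip through; a stricter build pins the validated IP for the request itself (for example with cURL's CURLOPT_RESOLVE) and applies the same egress restrictions at the firewall as the introduction recommends.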
| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2024-35633 | WordPress Blocksy Companion plugin <= 2.0.42 - Server Side Request Forgery (SSRF) vulnerability | Blocksy Companion | 4.4 | Medium | 2024-06-03 |
| CVE-2024-35635 | WordPress Ninja Tables plugin <= 5.0.9 - Server Side Request Forgery (SSRF) vulnerability | Ninja Tables | 4.4 | Medium | 2024-06-03 |
| CVE-2024-35637 | WordPress Church Admin plugin <= 4.3.6 - Server Side Request Forgery (SSRF) vulnerability | Church Admin | 4.4 | Medium | 2024-06-03 |
| CVE-2023-7073 | Auto Featured Image (Auto Post Thumbnail) <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery | Auto Featured Image (Auto Post Thumbnail) | 6.4 | Medium | 2024-05-31 |
| CVE-2024-1855 | WPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request Forgery | WPCafe – Restaurant Menu, Online Food Ordering & Table Booking System | 5.3 | Medium | 2024-05-23 |
| CVE-2024-5031 | MemberPress <= 1.11.29 - Authenticated (Contributor+) Blind Server-Side Request Forgery via mepr-user-file Shortcode | Memberpress | 8.5 | High | 2024-05-22 |
| CVE-2024-4789 | Cost Calculator Builder Pro <= 3.1.72 - Authenticated (Subscriber+) Server-Side Request Forgery | Cost Calculator Builder PRO | 6.4 | Medium | 2024-05-17 |
| CVE-2024-3485 | Server-Side Request Forgery vulnerability in iManager | iManager | 5.3 | Medium | 2024-05-15 |
| CVE-2024-3970 | Server-Side Request Forgery vulnerability in iManager | iManager | 5.3 | Medium | 2024-05-15 |
| CVE-2024-4894 | ITPison OMICARD EDM - Server-Side Request Forgery | OMICARD EDM | 5.3 | Medium | 2024-05-15 |
| CVE-2024-4562 | WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via HttpMonitorSettings | WhatsUp Gold | 5.4 | Medium | 2024-05-14 |
| CVE-2024-4561 | WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via FaviconController | WhatsUp Gold | 4.2 | Medium | 2024-05-14 |
| CVE-2024-0862 | Proofpoint Enterprise Protection code issue vulnerability | Enterprise Protection | 5.0 | Medium | 2024-05-14 |
| CVE-2024-35172 | WordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Server Side Request Forgery (SSRF) vulnerability | ShortPixel Adaptive Images | 4.4 | Medium | 2024-05-13 |
| CVE-2024-32964 | lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability | lobe-chat | 9.0 | Critical | 2024-05-10 |
| CVE-2024-1467 | Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.1.6 - Authenticated (Contributor+) Server-Side Request Forgery | Starter Templates – AI-Powered Templates for Elementor & Gutenberg | 4.3 | Medium | 2024-05-09 |
| CVE-2024-34351 | Next.js Server-Side Request Forgery in Server Actions | next.js | 7.5 | High | 2024-05-09 |
| CVE-2024-3047 | PDF Invoices & Packing Slips for WooCommerce <= 3.8.0 - Unauthenticated Server-Side Request Forgery | PDF Invoices & Packing Slips for WooCommerce | 7.2 | High | 2024-05-02 |
| CVE-2024-23336 | Incomplete disallowed remote addresses list in MyBB | mybb | 5.0 | Medium | 2024-05-01 |
| CVE-2024-2663 | ZD YouTube FLV Player <= 1.2.6 - Server-Side Request Forgery | ZD YouTube FLV Player | 8.3 | High | 2024-04-30 |
| CVE-2024-0216 | Google Doc Embedder <= 2.6.4 - Authenticated (Contributor+) Blind Server Side Request Forgery | Google Doc Embedder | 6.4 | Medium | 2024-04-30 |
| CVE-2024-33590 | WordPress basepress plugin <= 2.16.1 - Server Side Request Forgery (SSRF) vulnerability | Knowledge Base documentation & wiki plugin – BasePress | 5.0 | Medium | 2024-04-29 |
| CVE-2024-33634 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability | Piotnet Addons For Elementor Pro | 5.4 | Medium | 2024-04-29 |
| CVE-2024-33629 | WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 4.0.0 - Server Side Request Forgery (SSRF) vulnerability | Auto Featured Image (Auto Post Thumbnail) | 4.4 | Medium | 2024-04-29 |
| CVE-2024-33627 | WordPress AGCA – Custom Dashboard & Login Page plugin <= 7.2.2 - Server Side Request Forgery (SSRF) vulnerability | Absolutely Glamorous Custom Admin | 4.4 | Medium | 2024-04-29 |
| CVE-2024-33592 | WordPress Radio Player plugin <= 2.0.73 - Server Side Request Forgery (SSRF) vulnerability | Radio Player | 5.4 | Medium | 2024-04-25 |
| CVE-2024-32718 | WordPress The Pack Elementor addons plugin <= 2.0.8.2 - Server Side Request Forgery (SSRF) vulnerability | The Pack Elementor addons | 4.9 | Medium | 2024-04-24 |
| CVE-2024-32775 | WordPress Embed Google Photos album plugin <= 2.1.9 - Server Side Request Forgery (SSRF) vulnerability | Embed Google Photos album | 4.9 | Medium | 2024-04-24 |
| CVE-2024-32803 | WordPress SuperFaktura WooCommerce plugin <= 1.40.3 - Server Side Request Forgery (SSRF) vulnerability | SuperFaktura WooCommerce | 6.4 | Medium | 2024-04-24 |
| CVE-2024-32812 | WordPress Podlove Podcast Publisher plugin <= 4.0.11 - Server Side Request Forgery (SSRF) vulnerability | Podlove Podcast Publisher | 5.4 | Medium | 2024-04-24 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1659 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.