
Security Intel Hub 531— Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 5.7
WordPress Plugin Security Audit: SQLi/XSS/CSRF/SSRF Vulnerability Analysis
plugins.trac.wordpress.org · 2025-11-07

### Critical Vulnerability Information #### 1. **Unvalidated User Input** - **Line Numbers**: Multiple - **Description**: The code contains multiple instances where user input is directly used without…

Jenkins Security Advisory 2018-07-30: Multiple Plugin Vulnerabilities (SSH Key Leak, CSRF, XSS, SSRF)
jenkins.io · 2025-11-08

This webpage screenshot provides the following key information about the vulnerability: - **Advisory ID**: Jenkins Security Advisory 2018-07-30 - **Vulnerable Plugins**: Multiple Jenkins plugins are a…

CVSS 7.6
InvoicePlane SSRF Vulnerability: Unsanitized HTML in Payment Receipt PDF Rendering Leading to SSRF and Exploitation Anal
github.com · 2026-04-02

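# SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field ### Vulnerability Overview This is a serious server-side request forgery (SSRF) vulnerability. In the payment receipt PDF generation feature, the Notes field of the payment receipt accepts unsanitized HTML input. This HTML is passed to the Gonf PDF rendering engine, which allows remote resources to be embedded. An attacker can exploit this vulnerability to issue requests to the internal network…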

Jenkins Security Advisory: Sandbox Bypass, SSRF, CSRF in Multiple Plugins (CVE-2019-1003024)
jenkins.io · 2025-11-09

### Vulnerability Key Information #### Vulnerability Overview - **Advisory Name**: Jenkins Security Advisory 2019-02-19 - **Affected Plugins**: - Acunetix Plugin - Cloud Foundry Plugin - CloudBees CD …

CVSS 7.7
Wallos Incomplete Fix for CVE-2026-3399: SSRF via DNS Rebinding
github.com · 2026-05-07

N/A. Shenlong could not analyze: data volume overload

forem CSRF Vulnerability (CVE-2023-27160) with SSRF Exploitation
gist.github.com · 2025-11-11

### CVE-2023-27160 - Cross Site Request Forgery (CSRF) #### Description forem up to v2022.11.11 was discovered to contain a Cross Site Request Forgery (CSRF) vulnerability via the components `/article…

CVSS 5.0
SRMP3 Plugin Ajax Callback SSRF and SSL Verification Bypass Analysis
plugins.trac.wordpress.org · 2026-02-21

Key vulnerability information extracted from the screenshot: ### 1. Version Increment - **Change Description**: Version upgraded from `5.10` to `5.11`, primarily for version control and to avoid cachi…

CVSS 6.1
Roundcube Webmail 1.7 RC5 Security Update: Fixes Pre-Auth File Write, SSRF, XSS, and CSRF
github.com · 2026-04-03

### Roundcube Webmail Security Update Summary **Vulnerability Overview** Roundcube Webmail has released version 1.7 RC5, addressing multiple critical security vulnerabilities reported recently. Key fi…

CVSS 7.7
PraisonAI SSRF via Unvalidated api_base in passthrough() Fallback
github.com · 2026-04-04

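# SSRF via Unvalidated api_base in passthrough() Fallback -- PraisonAI ### Vulnerability Overview In the `praisonai` package, the `passthrough()` and `apextranscript()` functions accept an unvalidated `api_base` parameter. This parameter is concatenated directly into the request, leading to server-side request forgery (SSRF) and potential redirect attacks. An attacker…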

CVSS 6.5
WordPress Plugin Vulnerabilities Summary: SSRF/XSS/RCE/SSTI
patchstack.com · 2026-04-02

### Vulnerability Key Information Summary **1. Vulnerability Overview and Scope** This page displays multiple security vulnerabilities in WordPress plugins and software within the Patchstack vulnerabi…

CVSS 5.0
WordPress Responsive Lightbox RCE/XSS/SSRF/RFI Vulnerability Analysis
plugins.trac.wordpress.org · 2026-02-25

### Vulnerability Key Information - **Source**: `responsive-lightbox/trunk/includes/class-remote-library.php` - **Last Change**: Revision 464562 by dfactory, checked in 7 days ago - **File Size**: 28.…

CVSS 5.3
Adobe Commerce/Magento Security Advisory APSB25-26: Privilege Escalation, CSRF, and Access Control Bypass
helpx.adobe.com · 2025-04-10

### Critical Vulnerability Information #### Vulnerability Overview - **Advisory ID**: APSB25-26 - **Release Date**: April 8, 2025 - **Priority**: 2 Adobe has released security updates for Adobe Commer…

CVSS 4.1
LangChain SSRF Vulnerability Fix: New SSRF Protection Module and RecursiveUrlLoader Hardening
github.com · 2026-02-12

### Key Information Summary #### Vulnerability Type - **SSRF (Server-Side Request Forgery)** #### Mitigation Measures - Added a new `@langchain/core/utils/ssrf` module containing URL validation utilit…

CVSS 6.3
SSRF Fix: Implementing axiosRequestDispatcher and URL Sanitization
github.com · 2025-08-28

### Key Information - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Remediation**: Use `axiosRequestDispatcher` to prevent SSRF vulnerabilities. - **Code Changes**: - Introduced `axio…

CVSS 5.8
Fulcio SSRF via MetaIssuer Regex Bypass Analysis (CVSS 5.8)
github.com · 2026-01-20

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass - **Severity**: Medium (CVSS: 5.8/10) - **CVE ID**: No known CV…

Jenkins Multiple Plugins Vulnerabilities Advisory: XSS, SSRF, Sandbox Bypass, Session Hijacking
www.jenkins.io · 2024-11-17

From this webpage screenshot, the following key information about the vulnerabilities can be obtained: 1. **Vulnerability Descriptions**: - **Script Security Plugin**: The plugin does not perform perm…

WordPress 4.5.3 Security Release: Fixes XSS, SSRF, Info Disclosure, and Cookie Theft
wordpress.org · 2025-11-08

- **WordPress Version**: 4.5.3 - **Release Type**: Maintenance and Security Release - **Date**: June 18, 2016 - **Affecting Versions**: 4.5.2 and earlier - **Security Issues**: - Redirect bypass in th…

CVSS 5.4
WordPress Plugin XSS and SSRF Vulnerability Patch Analysis
plugins.trac.wordpress.org · 2025-11-19

### Critical Vulnerability Information #### 1. Error Handling and Validation - **Code Changes in `includes/class-frontend.php`** - The old code uses `esc_html` to escape the URL, which is insufficient…

CVSS 5.9
WordPress Plugin Vulnerability Summary (XSS/SQLi/SSRF)
patchstack.com · 2025-11-19

- **Total Vulnerabilities**: 35,016 - **Mitigation rules**: 13,049 - **No official fix**: 6,707 - **In queue**: 1,300 - **Published sans fix**: 0 - Vulnerabilities listed include: - **Unauthenticated …

Tiny Tiny RSS Vulnerability Analysis: XSS, SSRF, LFI (CVE-2020-25787/25788/25789)
blog.neagaru.com · 2025-12-29

## Key Vulnerability Information Summary ### 1. **Application Context** - Target Application: Tiny Tiny RSS (2020 version) - Objective: Identify and exploit security vulnerabilities --- ### 2. **Main …


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
