Vulnerability Name CVE Severity
Adminer Server Side Request Forgery (SSRF) CVE-2021-21311
Apache HTTP Server mod_proxy SSRF (CVE-2021-40438) CVE-2021-40438
Apache mod_jk access control bypass CVE-2018-11759
Apache OFBiz SSRF (CVE-2023-50968) CVE-2023-50968
Apache OFBiz SSRF (CVE-2024-45507) CVE-2024-45507
Apache Solr SSRF CVE-2017-3164 CVE-2017-3164
Appwrite favicon SSRF (CVE-2023-27159) CVE-2023-27159
Atlassian OAuth Plugin IconUriServlet SSRF CVE-2017-9506
Auxiliary systems SSRF
ChatGPT-Next-Web SSRF (CVE-2023-49785) CVE-2023-49785
Cloud metadata publicly exposed
Edge Side Include injection
Ext JS arbitrary file read
GeoServer SSRF (CVE-2021-40822) CVE-2021-40822
GeoServer WMS SSRF (CVE-2023-43795) CVE-2023-43795
Gitlab CI Lint SSRF
Grafana avatar SSRF CVE-2020-13379
Hasura GraphQL API without authentication
HTTP/2 pseudo-header server side request forgery
imgproxy SSRF (CVE-2023-30019) CVE-2023-30019
Jira Unauthorized SSRF via REST API CVE-2019-8451
Keycloak request_uri SSRF (CVE-2020-10770) CVE-2020-10770
Liferay XMLRPC Blind SSRF
Microsoft Exchange Server Server-Side Request Forgery (SSRF) vulnerability CVE-2021-26855
Next.js image Blind SSRF
Openfire Admin Console Full Read SSRF CVE-2019-18394
Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616 CVE-2019-2616
Oracle E-Business Suite SSRF (CVE-2017-10246) CVE-2017-10246
Oracle E-Business Suite SSRF (CVE-2018-3167) CVE-2018-3167
Oracle Weblogic T3 XXE (CVE-2019-2647) CVE-2019-2647
Oracle Weblogic T3 XXE (CVE-2019-2888) CVE-2019-2888
Paperclip gem SSRF (Server side request forgery) CVE-2017-0889
Reverse proxy misrouting
Reverse proxy misrouting through HTTP/2 pseudo-headers (SSRF)
SAML Consumer Service External Dereference SSRF
SAML Consumer Service XSLT injection
SAP BO BIP SSRF (CVE-2020-6308) CVE-2020-6308
SAP NetWeaver ipcpricing server side request forgery
SAP NW DI SSRF vulnerability (CVE-2021-33690) CVE-2021-33690
Server-Side Request Forgery
Server-Side Request Forgery (Cloud Metadata)
Server-Side Request Forgery (localhost)
Skype for Business SSRF (CVE-2023-41763) CVE-2023-41763
SOAP WS-Addressing SSRF
SSRF in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-21893) CVE-2024-21893
SSRF in Server-Side Rendering
SSRF via logo_uri in MITREid Connect CVE-2021-26715
TorchServe Management API SSRF (CVE-2023-43654) CVE-2023-43654
VMware vCenter vcavbootstrap Arbitrary File Read
VMware vRealize Operations Server Side Request Forgery (SSRF) vulnerability CVE-2021-21975
WebLogic Server Side Request Forgery CVE-2014-4241 CVE-2014-4210 CVE-2014-4242
WordPress Plugin All in One Social Lite Server-Side Request Forgery (1.0)
WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities (1.7.0) CVE-2020-28976 CVE-2020-28977 CVE-2020-28978
WordPress Plugin Craw Data Server-Side Request Forgery (1.0.0) CVE-2022-2912
WordPress Plugin Dropbox Folder Share Server-Side Request Forgery (1.9.7) CVE-2023-3025
WordPress Plugin Essential Addons for Elementor Server-Side Request Forgery (2.9.8)
WordPress Plugin Flog Server-Side Request Forgery (1.0beta3)
WordPress Plugin Google Forms Server-Side Request Forgery (0.91)
WordPress Plugin Import all XML, CSV & TXT into WordPress Server-Side Request Forgery (6.5.2) CVE-2022-1977
WordPress Plugin Import XML and RSS Feeds Server-Side Request Forgery (2.0.2) CVE-2020-24148
WordPress Plugin jRSS Widget Server-Side Request Forgery (1.2) CVE-2014-9292
WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery (2.7.0) CVE-2023-6991
WordPress Plugin Like Button Rating-LikeBtn Server-Side Request Forgery (2.6.31) CVE-2021-24150
WordPress Plugin Mapplic-Custom Interactive Map Server-Side Request Forgery (6.1)
WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0)
WordPress Plugin Nelio AB Testing Server-Side Request Forgery (4.5.10)
WordPress Plugin PhonePe Payment Solutions Server-Side Request Forgery (1.0.15) CVE-2022-45835
WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Server-Side Request Forgery (4.2.5) CVE-2023-6294
WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Server-Side Request Forgery (2.1.6) CVE-2022-2352
WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Server-Side Request Forgery (1.6.5) CVE-2019-11565
WordPress Plugin Rank Math SEO-Best SEO For WordPress To Increase Your SEO Traffic Server-Side Request Forgery (1.0.95) CVE-2022-36376
WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Server-Side Request Forgery (4.4.7) CVE-2023-6805
WordPress Plugin RSVPMaker Server-Side Request Forgery (8.7.2) CVE-2021-24371
WordPress Plugin Telefication Server-Side Request Forgery (1.8.0) CVE-2021-39339
WordPress Plugin W3 Total Cache Server-Side Request Forgery (0.9.7.3)
WordPress Plugin Web Stories Server-Side Request Forgery (1.24.0) CVE-2022-3708
WordPress Plugin Wordpress Picture/Portfolio/Media Gallery Server-Side Request Forgery (3.0.1) CVE-2024-5021
WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Server-Side Request Forgery (2.2.23) CVE-2024-1855
WordPress Plugin WP Smart Import: Import any XML File to WordPress Server-Side Request Forgery (1.0.0) CVE-2020-24147
WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Server-Side Request Forgery (3.4.3) CVE-2024-4469
WordPress Server-Side Request Forgery (3.7 - 6.1.1) CVE-2022-3590
Zimbra Collaboration Suite SSRF (CVE-2020-7796) CVE-2020-7796