How severe is CVE-2025-22346?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.4 out of 10.

What type of vulnerability is CVE-2025-22346?

This is classified as CWE-918, which is a common weakness in software security.

CVE-2025-22346

MEDIUM Year: 2025

CVSS v3 Score

6.4

Medium

Weakness Type

CWE-918

View all →

Vulnerability Description

Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash allows Server Side Request Forgery.This issue affects Course Migration for LearnDash: from 1.0.2 through n/a.

CVE-2018-1000182

MEDIUM

CVSS:6.4(Medium)

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb....

CWE-9182018

CVE-2021-23927

MEDIUM

CVSS:6.4(Medium)

OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request.

CWE-9182021

CVE-2021-31779

MEDIUM

CVSS:6.4(Medium)

The yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3 allows SSRF via a backend user account.

CWE-9182021

CVE-2021-40109

MEDIUM

CVSS:6.4(Medium)

A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that re...

CWE-9182021

CVE-2023-4651

MEDIUM

CVSS:6.4(Medium)

Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 prior to 2.16.1.

CWE-9182023

CVE-2023-6805

MEDIUM

CVSS:6.4(Medium)

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and incl...

CWE-9182023

CVE-2025-22346

Vulnerability Description

Related Vulnerabilities

CVE-2018-1000182

CVE-2021-23927

CVE-2021-31779

CVE-2021-40109

CVE-2023-4651

CVE-2023-6805