CVE-2025-31527

MEDIUM Year: 2025
CVSS v3 Score
6.4
Medium
Weakness Type
CWE-918
View all →

Vulnerability Description

Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview allows Server Side Request Forgery. This issue affects WP Link Preview: from n/a through 1.4.1.

Related Vulnerabilities

CVE-2018-1000182

MEDIUM
CVSS:6.4(Medium)

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb....

CWE-9182018

CVE-2021-23927

MEDIUM
CVSS:6.4(Medium)

OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request.

CWE-9182021

CVE-2021-31779

MEDIUM
CVSS:6.4(Medium)

The yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3 allows SSRF via a backend user account.

CWE-9182021

CVE-2021-40109

MEDIUM
CVSS:6.4(Medium)

A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that re...

CWE-9182021

CVE-2023-4651

MEDIUM
CVSS:6.4(Medium)

Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 prior to 2.16.1.

CWE-9182023

CVE-2023-6805

MEDIUM
CVSS:6.4(Medium)

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and incl...

CWE-9182023