CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
We have discovered 3,570,304 live websites that are affected by CWE-918.
CVEs
- Count - 3
CWE References
Countries
 United States | 800,563 websites |
 Germany | 324,652 websites |
 Japan | 277,831 websites |
 France | 206,325 websites |
 Italy | 176,943 websites |
 GB | 157,850 websites |
 Russia | 134,346 websites |
 Netherlands | 120,867 websites |
 Poland | 116,022 websites |
 Spain | 108,349 websites |
TLDs
| .com | 1,443,475 websites |
| .de | 206,066 websites |
| .org | 142,197 websites |
| .it | 116,054 websites |
| .ru | 108,566 websites |
| .net | 106,115 websites |
| .nl | 97,652 websites |
| .co.uk | 92,872 websites |
| .pl | 85,872 websites |
| .fr | 82,781 websites |
Newest CVEs
List of the most recent CVEs that are part of CWE-918| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Feb, 2024 | CVE-2023-6294 | popup-builder < 4.2.6 - Admin+ SSRF & File Read | 804 |
| Nov, 2023 | CVE-2023-31219 | WordPress Download Monitor Plugin <= 4.8.1 is vulnerable to Server Side Request Forgery (SSRF) | 1,486 |
| Dec, 2022 | CVE-2022-3590 | WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding | 3,568,724 |
The most widespread CVEs
List of the most common CVEs that are part of CWE-918| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Dec, 2022 | CVE-2022-3590 | WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding | 3,568,724 |
| Nov, 2023 | CVE-2023-31219 | WordPress Download Monitor Plugin <= 4.8.1 is vulnerable to Server Side Request Forgery (SSRF) | 1,486 |
| Feb, 2024 | CVE-2023-6294 | popup-builder < 4.2.6 - Admin+ SSRF & File Read | 804 |
Websites affected by CWE-918
Top websites that are affected by CWE-918. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ************.org |  Singapore | *** | |
| ***.*****************.com | United States | *** | |
| ****.br |  Brazil | *** | |
| ****.******.com | Singapore | *** | |
| ***.**********.com | United States | *** | |
| ***.*********.com | Germany | *** | |
| *******.******.com | United States | *** | |
| ***.*******.com |  Turkey | *** | |
| ****.*****.net | United States | *** | |
| ***.*********.com | United States | *** |