CVE-2024-13940 – Ninja Forms Webhooks SSRF Vulnerability

May 14, 2025

CVE ID : CVE-2024-13940

Published : May 14, 2025, 9:15 a.m. | 2 hours, 52 minutes ago

Description : The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.7 via the form webhook functionality. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-8988 – PeepSo Core: File Uploads Plugin WordPress Insecure Direct Object Reference

Next Article This AI Paper Investigates Test-Time Scaling of English-Centric RLMs for Enhanced Multilingual Reasoning and Domain Generalization

Highlights

CVE-2025-5331 – PCMan FTP Server Buffer Overflow Vulnerability

May 29, 2025

CVE ID : CVE-2025-5331

Published : May 29, 2025, 10:15 p.m. | 2 hours, 48 minutes ago

Description : A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2024-13940 – Ninja Forms Webhooks SSRF Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

ThemeSelection

CVE-2025-5055 – WordPress Smart Forms Stored Cross-Site Scripting

CVE-2025-3280 – ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes SQL Injection

CVE-2025-51480 – ONNX Path Traversal Vulnerability

CVE-2025-5331 – PCMan FTP Server Buffer Overflow Vulnerability

CVE-2025-43923 – Unicom Focal Point SQL Injection Vulnerability

Ubuntu is Changing the Way it Boots on Raspberry Pi

CVE-2025-3996 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE-2024-13940 – Ninja Forms Webhooks SSRF Vulnerability

Related Posts