Submit #684803: rachelos WeRSS WeRSS<=1.4.7 Server-Side Request Forgeryinfo

Titlerachelos WeRSS WeRSS<=1.4.7 Server-Side Request Forgery
DescriptionAn unchecked web_hook_url parameter in WebRSS's (https://github.com/rachelos/we-mp-rss/) Webhook module allows authenticated users to perform SSRF attacks. Github Repo:https://github.com/rachelos/we-mp-rss/
Source⚠️ https://www.notion.so/SSRF-vulnerability-in-WeRSS-WebHook-module-29bea92a3c4180a192b5caa9078bfb18
User
 din4 (UID 50867)
Submission10/29/2025 13:44 (7 months ago)
Moderation11/14/2025 11:18 (16 days later)
StatusAccepted
VulDB entry332465 [rachelos WeRSS we-mp-rss up to 1.4.7 Webhook mps.py do_job web_hook_url server-side request forgery]
Points14

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!