Yuchen Ji

**Name of the Vulnerable Software and Affected Versions** AI Engine: ChatGPT Chatbot versions n/a through 2.4.7 **Description** The issue is related to a Server-Side Request Forgery (SSRF) vulnerability. This allows for Server Side Request Forgery in the ChatGPT Chatbot. **Recommendations** For versions n/a through 2.4.7, update to a version that contains a fix for this issue, however the specific fixed version is not provided in the available data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BlossomThemes Email Newsletter versions 2.2.6 and earlier **Description** A Server-Side Request Forgery (SSRF) issue has been identified. This allows an attacker to trick the server into making unintended requests, potentially leading to unauthorized access to sensitive data or systems. **Recommendations** For versions 2.2.6 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Post SMTP Mailer/Email Log versions n/a through 2.8.6 **Description** The issue is related to a Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Email Log. **Recommendations** For Post SMTP Mailer/Email Log versions n/a through 2.8.6, update to a version later than 2.8.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Church Admin versions n/a through 4.3.6 **Description** The issue is a Server-Side Request Forgery (SSRF) vulnerability. This means an attacker can potentially trick the server into making unauthorized requests, leading to various malicious outcomes. **Recommendations** For Church Admin versions n/a through 4.3.6, update to a version later than 4.3.6 to resolve the issue. At the moment, there is no information about other mitigation measures for this specific vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ninja Tables versions through 5.0.9 **Description** A Server-Side Request Forgery (SSRF) issue has been identified. This allows an attacker to trick the server into making unintended requests, potentially leading to unauthorized access to sensitive data or systems. **Recommendations** Update to a version later than 5.0.9 to resolve the issue. As a temporary workaround, consider restricting access to sensitive resources that could be exploited through SSRF until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Blocksy Companion versions 2.0.42 and earlier **Description** The issue is a Server-Side Request Forgery (SSRF) vulnerability. It is described as having a MEDIUM severity. **Recommendations** For Blocksy Companion versions 2.0.42 and earlier, update to a version later than 2.0.42 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Creative Motion Auto Featured Image (Auto Post Thumbnail) versions n/a through 4.0.0 **Description** The issue is a Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail). This allows an attacker to forge requests on the server-side, potentially leading to unauthorized access to sensitive data or systems. **Recommendations** For versions n/a through 4.0.0, update to a version later than 4.0.0 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ActiveCampaign versions n/a through 8.1.14 **Description** The issue is a Server-Side Request Forgery (SSRF) vulnerability. This means an attacker could potentially force the server to make requests to arbitrary domains, which could lead to unauthorized access to sensitive data or systems. **Recommendations** For versions n/a through 8.1.14, update to a version later than 8.1.14 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific vulnerability.

**Name of the Vulnerable Software and Affected Versions** NiteoThemes CMP – Coming Soon & Maintenance versions through 4.1.10 **Description** A Server-Side Request Forgery (SSRF) issue affects the software, allowing unauthorized access to internal resources. This can be exploited by manipulating requests to the server, potentially leading to sensitive data exposure or other malicious activities. **Recommendations** For versions through 4.1.10, update to a version later than 4.1.10 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contact Form 7 Extension For Mailchimp versions 0.5.70 and earlier **Description** A Server-Side Request Forgery (SSRF) issue affects the Renzo Johnson Contact Form 7 Extension For Mailchimp. This allows an attacker to forge requests to internal or external services, potentially leading to unauthorized access or data exposure. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** For versions 0.5.70 and earlier, update to a version later than 0.5.70 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable extension until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Leevio Happy Addons for Elementor versions 3.9.1.1 and earlier **Description** A Server-Side Request Forgery (SSRF) issue affects Leevio Happy Addons for Elementor. This issue allows an attacker to forge requests to servers, potentially leading to unauthorized access to sensitive data. **Recommendations** For versions 3.9.1.1 and earlier, update to a version later than 3.9.1.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CommentLuv versions 3.0.4 and earlier **Description** A Server-Side Request Forgery (SSRF) issue has been identified. This allows an attacker to trick the server into making unintended requests, potentially leading to unauthorized access to sensitive data or systems. **Recommendations** For CommentLuv versions 3.0.4 and earlier, update to a version later than 3.0.4 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SpeedyCache – Cache, Optimization, Performance versions n/a through 1.1.2 **Description** The issue is related to a Server-Side Request Forgery (SSRF) vulnerability. This type of vulnerability allows an attacker to trick the server into making requests to unintended locations, potentially leading to unauthorized access or data exposure. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For versions n/a through 1.1.2, consider disabling the vulnerable functionality related to Server-Side Request Forgery until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Church Admin versions 3.7.56 and earlier **Description** A Server-Side Request Forgery (SSRF) issue affects the software, allowing potential exploitation. **Recommendations** For Church Admin versions 3.7.56 and earlier, update to a version that contains a fix for this issue.