PT-2026-25692 · Raytha+1 · Raytha

Daniel Basta · Published 2026-03-16 · Updated 2026-03-16 · CVE-2025-69239

CVSS v4.0: 5.1 Medium

Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L

Name of the Vulnerable Software and Affected Versions

Raytha CMS versions prior to 1.4.6

Description

Raytha CMS has a Server-Side Request Forgery (SSRF) issue in the “Themes - Import from URL” feature. An attacker with high privileges can supply a URL that redirects server-side HTTP requests. Because the feature lets the attacker control the destination of those requests, it can potentially lead to unauthorized access to internal resources or data exfiltration.

Recommendations

Update Raytha CMS to version 1.4.6 or later.

Related Identifiers

CVE-2025-69239

Affected Products

Raytha