CVE Vulnerabilities

CVE-2025-8594

Published: Oct 14, 2025 | Modified: Oct 14, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack.

References