CVE-2025-57055 | WonderCMS 3.5.0 curl_exec pluginThemeUrl server-side request forgery

September 17, 2025 Yanac

A vulnerability classified as critical has been found in WonderCMS 3.5.0. This affects the function curl_exec. This manipulation of the argument pluginThemeUrl causes server-side request forgery.

This vulnerability appears as CVE-2025-57055. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-10642 | wangchenyi1996 chat_forum up to 80bdb92f5b460d36cab36e530a2c618acef5afd2 /q.php path cross site scripting
CVE-2025-40933 | KGOLDOV Apache::AuthAny up to 0.201 on Perl rand generation of predictable numbers or identifiers