Podigee Server Misdirects Requests to Unauthorized Servers

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Podigee Server Misdirects Requests to Unauthorized Servers

CVE-2026-39695

Summary

Podigee's server can be tricked into sending requests to incorrect or malicious servers, potentially allowing attackers to access sensitive information or disrupt services. This issue affects Podigee versions from unknown to 1.4.0. Update to the latest version of Podigee to fix the issue.

Original title

Server-Side Request Forgery (SSRF) vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through <= 1.4.0.

Original description

Server-Side Request Forgery (SSRF) vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through <= 1.4.0.

Vulnerability type

CWE-918 Server-Side Request Forgery (SSRF)

https://patchstack.com/database/Wordpress/Plugin/podigee/vulnerability/wordpress...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026