What the vulnerability does
01Description
Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions.This issue affects PhonePe Payment Solutions: from n/a through 1.0.15.
CVE-2022-45835
MEDIUM
CVE-2022-45835: WordPress PhonePe Payment Solutions Plugin <= 1.0.15 is vulnerable to Server Side Request Forgery (SSRF)
CVSS base score
5.8/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Key dates
02Disclosure timeline
November 13, 2023
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-35431 Microsoft Entra ID Entitlement Management Spoofing Vulnerability
CVE-2026-21885 Miniflux Media Proxy SSRF via /proxy endpoint allows access to internal network resources
CVE-2024-1978 Friends <= 2.8.5 - Authenticated (Admin+) Blind Server-Side Request Forgery
CVE-2026-45012 Apostrophe has authenticated SSRF in rich-text widget import via @apostrophecms/area/validate-widget
CVE-2026-13773 IBM WebSphere eXtreme Scale is affected by server side request forgery when ORB is used as Transport Protocol
