CVE-2025-13174 – rachelos WeRSS we-mp-rss Webhook mps.py do_job server-side request forgery

CVE ID : CVE-2025-13174

Published : Nov. 14, 2025, 6:32 p.m. | 28 minutes ago

Description : A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function do_job of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument web_hook_url can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…