N/A
2026-04-01< 5.7.0
Webmention <= 5.6.2 - Authenticated (Subscriber+) Server-Side Request Forgery
Webmention
Minimum safe version
5.7.0
Update to 5.7.0 or later to address 4 fixable vulnerabilities
Latest available5.7.0 ✓
N/A
2026-04-02< 5.7.0
WordPress Webmention Plugin <= 5.6.2 is vulnerable to Server Side Request Forgery (SSRF)
N/A
2023-03-10< 4.0.9
WordPress Webmention Plugin <= 4.0.8 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-03-08< 4.0.9
Webmention <= 4.0.8 - Reflected Cross-Site Scripting via 'replytocom'