CVE-2026-3881
Performance Monitor <= 1.0.6 - Unauthenticated Blind SSRF
CVSS Score
5.8
EPSS Score
0.0%
EPSS Percentile
8th
The Performance Monitor WordPress plugin through 1.0.6 does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attacks
| Vendor | unknown |
| Product | performance monitor |
| Published | Mar 31, 2026 |
| Last Updated | Apr 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for unknown performance monitor
Be the first to know when new medium vulnerabilities affecting unknown performance monitor are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Unknown / Performance Monitor
0 โค 1.0.6
References
Credits
Afshin Shekaari WPScan