CVE-2025-10705
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-23

Last updated on: 2025-10-27

Assigner: Wordfence

Description
The MxChat – AI Chatbot for WordPress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.4.6. This is due to insufficient validation of user-supplied URLs in the PDF processing functionality. This makes it possible for unauthenticated attackers to make the WordPress server perform HTTP requests to arbitrary destinations via the mxchat_handle_chat_request AJAX action.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-23
Last Modified
2025-10-27
Generated
2026-06-16
AI Q&A
2025-10-23
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10705
EUVD
EUVD-2025-35676
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
wordfence mxchat-basic 2.4.1
wordfence mxchat 2.4.6
wordfence mxchat 2.4.7
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Blind Server-Side Request Forgery (SSRF) in the MxChat – AI Chatbot for WordPress plugin, affecting all versions up to 2.4.6. It occurs because the plugin does not properly validate user-supplied URLs in its PDF processing functionality. As a result, unauthenticated attackers can exploit the mxchat_handle_chat_request AJAX action to make the WordPress server send HTTP requests to arbitrary destinations, potentially accessing internal or restricted network resources. [1]

Impact Analysis

This vulnerability can allow attackers to make the WordPress server perform unauthorized HTTP requests to arbitrary locations, including internal network resources that are normally inaccessible externally. This can lead to information disclosure, internal network scanning, or exploitation of other internal services. Since the attacker does not need to be authenticated, it increases the risk of exploitation. However, the impact on confidentiality is limited (CVSS Confidentiality impact is Low), and there is no direct impact on integrity or availability. [1]

Detection Guidance

This vulnerability can be detected by checking if the MxChat – AI Chatbot for WordPress plugin is installed and running a version up to and including 2.4.6. Since the vulnerability involves the AJAX action 'mxchat_handle_chat_request' allowing SSRF via PDF URL processing, monitoring or logging HTTP requests made by the WordPress server to arbitrary destinations triggered by this AJAX action could help detect exploitation attempts. Specific commands are not provided in the resources, but you can audit plugin version via WordPress admin or by checking the plugin files. Additionally, monitoring web server logs for unusual outbound HTTP requests or using network monitoring tools to detect unexpected HTTP requests originating from the WordPress server may help. No explicit commands are given in the provided resources. [1]

Mitigation Strategies

The immediate step to mitigate this vulnerability is to update the MxChat plugin to version 2.4.7 or later, where the vulnerability is fixed. The fix includes replacing unsafe HTTP request functions with safer ones, implementing strict URL validation to block unsafe URLs, and enhancing PDF fetching logic to prevent SSRF attacks. Until the update is applied, consider disabling the PDF upload functionality or restricting access to the vulnerable AJAX action if possible. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10705. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart