CVE-2025-11128
BaseFortify
Publication date: 2025-10-23
Last updated on: 2025-10-27
Assigner: Wordfence
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| feedzy | feedzy_rss_feeds | 5.1.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the Feedzy RSS Feeds WordPress plugin (up to version 5.1.0) is a Server-Side Request Forgery (SSRF) issue in the 'feedzy_sanitize_feeds' function. It allows authenticated users with Subscriber-level access or higher to make the web application send requests to arbitrary locations. This means an attacker can make the plugin query internal services or other unintended locations from the server, potentially exposing sensitive internal information.
How can this vulnerability impact me?
This vulnerability can impact you by allowing an attacker with low-level authenticated access (Subscriber or above) to make the server perform unauthorized web requests to internal or external systems. This can lead to information disclosure from internal services that are not normally accessible externally, potentially exposing sensitive data or internal network details. It may also be used as a stepping stone for further attacks within the network.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves Server-Side Request Forgery (SSRF) via the 'feedzy_sanitize_feeds' function in the Feedzy RSS Feeds WordPress plugin, versions up to 5.1.0. Detection can focus on identifying unauthorized or suspicious web requests originating from the WordPress application, especially ones triggered by authenticated users with Subscriber-level access or higher. Monitoring for unusual outbound HTTP requests from the web server to internal or unexpected external IP addresses or domains can help detect exploitation attempts. It is also important to check whether the Feedzy RSS Feeds plugin is installed and whether its version is 5.1.0 or below. Specific commands might include:
1) Checking the plugin version via WP-CLI: `wp plugin list | grep feedzy`
2) Searching the web server access log (e.g., Apache or Nginx) for requests involving the plugin: `grep -i 'feedzy' /var/log/apache2/access.log`, and monitoring outbound connections from the server with tools like `netstat` or `ss` to detect unexpected destinations.
However, no explicit detection commands are provided in the resources. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, the immediate step is to update the Feedzy RSS Feeds WordPress plugin to version 5.1.1 or later, as this version includes enhanced security measures, improved feed URL validation, sanitization, and error handling that address the SSRF vulnerability. Additionally, limit WordPress accounts to trusted users, since any account with Subscriber-level access or higher is sufficient to reach the vulnerable function. Applying the security update promptly and reviewing plugin dependencies and configurations for any unusual behavior is recommended. [2]
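As an added illustration of the kind of feed URL validation the fix describes (example code written for this page in Python, not the plugin's own PHP code), the check below rejects non-http(s) schemes, URLs with embedded credentials, and any destination whose host resolves to a private, loopback, link-local or otherwise non-public address. The host names and DNS answers in `_DEMO_DNS` are constructed so the check runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Blocked in addition to ipaddress's own is_* flags (shared address space / CGNAT).
_EXTRA_BLOCKED = (ipaddress.ip_network("100.64.0.0/10"),)


def _resolve(host):
    """Every A/AAAA answer for host; IP literals come back canonical and are checked too."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def _is_internal(addr_text):
    addr = ipaddress.ip_address(addr_text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # treat ::ffff:10.0.0.1 exactly like 10.0.0.1
    if (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified):
        return True
    return any(addr in net for net in _EXTRA_BLOCKED)


def is_safe_feed_url(url, resolver=_resolve):
    """True only if url is http(s), has no credentials, and every resolved address is public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    if parts.username is not None or parts.password is not None:
        return False
    try:
        addresses = resolver(parts.hostname)
        # Fail closed: no answers, an unresolvable name, or one internal answer all reject.
        return bool(addresses) and not any(_is_internal(a) for a in addresses)
    except (socket.gaierror, ValueError):
        return False


# Constructed DNS answers for offline demonstration; not real records.
_DEMO_DNS = {
    "feeds.example.com": {"8.8.8.8"},                   # public stand-in address
    "metadata.internal.example": {"169.254.169.254"},   # link-local
    "dual.example.com": {"8.8.8.8", "10.0.0.5"},        # one private answer suffices to reject
}


def demo_resolver(host):
    """Offline resolver: IP literals parse directly, table hits return, anything else is NXDOMAIN."""
    try:
        return {str(ipaddress.ip_address(host))}
    except ValueError:
        pass
    if host in _DEMO_DNS:
        return _DEMO_DNS[host]
    raise socket.gaierror("constructed NXDOMAIN for " + host)
```

The address that passed the check must also be the one the fetch connects to (pin it or re-check on connect), otherwise a DNS answer that changes between validation and the request defeats the check.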