CVE-2026-12516
Received Received - Intake

Server-Side Request Forgery in Fediverse Embeds WordPress Plugin

Vulnerability report for CVE-2026-12516, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: WPScan

Description

The Fediverse Embeds WordPress plugin before 1.5.8 does not validate the destination of the server-side request performed by an unauthenticated media-proxying endpoint, allowing anonymous users to make the site fetch arbitrary URLs, including internal and private-network addresses, and read back the response body. This results in a full-read Server-Side Request Forgery and open proxy.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
fediverse_embeds plugin to 1.5.8 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The Fediverse Embeds WordPress plugin before version 1.5.8 contains a Server-Side Request Forgery (SSRF) vulnerability in its media-proxying endpoint. This endpoint does not validate the destination of server-side requests, allowing anonymous users to make the server fetch arbitrary URLs, including those on internal or private networks. Attackers can then read the response body from these requests, effectively using the server as an open proxy.

Impact Analysis

This vulnerability can allow attackers to access sensitive internal resources or private network addresses by making the server fetch and return data from arbitrary URLs. This can lead to unauthorized data disclosure, potential exposure of internal systems, and misuse of the server as an open proxy, which could be leveraged for further attacks or to bypass network restrictions.

Detection Guidance

This vulnerability can be detected by testing the unauthenticated media-proxying endpoint of the Fediverse Embeds WordPress plugin for SSRF behavior. An effective method is to send crafted REST requests with base64-encoded URLs to the endpoint and observe if the server fetches and returns the content of arbitrary URLs, including internal or private network addresses.

For example, you can use curl commands to send such requests and check the responses. A sample command might be:

  • curl -X POST "https://your-wordpress-site.com/wp-json/fediverse-embeds/v1/media-proxy" -d "url=BASE64_ENCODED_TARGET_URL"

Replace BASE64_ENCODED_TARGET_URL with the base64-encoded form of the URL you want to test. If the server returns the content of the requested URL, the vulnerability is present.

Mitigation Strategies

The immediate mitigation step is to update the Fediverse Embeds WordPress plugin to version 1.5.8 or later. This version fixes the vulnerability by validating the destination of server-side requests and returning an HTTP 403 error for unauthorized requests.

If updating immediately is not possible, consider temporarily disabling the media-proxying endpoint or restricting access to it to trusted users only, to prevent anonymous exploitation.

Compliance Impact

The vulnerability allows anonymous users to make the site fetch arbitrary URLs, including internal and private-network addresses, and read back the response body. This Server-Side Request Forgery (SSRF) and open proxy issue could potentially expose sensitive internal data.

Such unauthorized data access and potential data leakage could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls over access to personal and sensitive information.

However, the provided information does not explicitly mention the impact on compliance with these standards.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-12516. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart