Featured Image from Content WordPress Plugin Authenticated Server-Side Request Forgery Vulnerability

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in the Featured Image from Content WordPress plugin, affecting versions prior to 1.7. This vulnerability allows authenticated users with Author-level permissions to access internal HTTP resources. Exploitation of this vulnerability could lead to the retrieval of sensitive internal data, which could then be stored in web-accessible upload directories.

Impact

Exploitation of this vulnerability could result in unauthorized access to internal HTTP resources, allowing for the retrieval of sensitive data that could be exposed through web-accessible upload directories.

Added: Feb 28, 2026, 12:28 AM

Updated: Feb 28, 2026, 12:28 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.8

exploitability

4.3

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.8

exploitability

4.3

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Featured Image from Content WordPress Plugin Authenticated Server-Side Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating