CVE-2026-27759 MEDIUM

CVE-2026-27759: Featured Image from Content < 1.7 Authenticated SSRF via save_post

Vendor Dhrumil Kumbhani
Product Featured Image from Content
Weakness CWE-918 · SSRF
Published February 27, 2026
Last update May 11, 2026

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L

What the vulnerability does

01 Description

Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fetch internal HTTP resources. Attackers can exploit insecure URL fetching and file write operations to retrieve sensitive internal data and store it in web-accessible upload directories.
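As an added example (not the plugin's code and not its 1.7 fix), the two checks that address this pattern are shown below in plain PHP: refuse a URL unless every address it resolves to is public, and accept a response only if it parses as an allowed image type before anything is written to the uploads directory. The function names, the injected resolver, and the sample hosts and bodies are assumptions constructed for illustration.

```php
<?php
// Added example; function names are hypothetical, not taken from the plugin.

/** True only for http(s) URLs whose resolved addresses are all public. */
function example_url_is_public(string $url, callable $resolve): bool
{
    $parts = parse_url($url);
    if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    $host = trim($parts['host'], '[]'); // parse_url keeps IPv6 brackets
    // IP literals are checked directly; names are resolved first.
    $ips = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : $resolve($host);
    if (!is_array($ips) || $ips === []) {
        return false;
    }
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    foreach ($ips as $ip) {
        // Fails for private, loopback, link-local and other reserved ranges.
        if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
            return false;
        }
    }
    return true;
}

/** Extension for a body that really is an allowed image, else null. */
function example_image_extension(string $body): ?string
{
    $allowed = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];
    $info = @getimagesizefromstring($body);
    return $info === false ? null : ($allowed[$info[2]] ?? null);
}

// Constructed sample data: a fake DNS table and two response bodies.
$dns = ['cdn.example.org' => ['203.0.113.10'], 'intranet.example.org' => ['10.0.0.5']];
$resolve = fn(string $h): array => $dns[$h] ?? [];
$gif = 'GIF89a' . pack('v2', 1, 1) . "\x00\x00\x00;";
$json = '{"status":"internal"}';

foreach (['https://cdn.example.org/a.gif', 'http://intranet.example.org/x',
          'http://127.0.0.1:8080/status', 'ftp://cdn.example.org/a.gif'] as $url) {
    printf("%-40s %s\n", $url, example_url_is_public($url, $resolve) ? 'fetch' : 'refuse');
}
var_dump(example_image_extension($gif), example_image_extension($json));
```

In a real deployment the resolver is an actual DNS lookup, the connection should go to the address that was validated, and every redirect target needs the same check. WordPress core's `wp_safe_remote_get()` applies a comparable destination filter.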

Explanation of Vulnerability in Simple Terms

02 Summary

Featured Image from Content versions before 1.7 contain a server-side request forgery vulnerability. An authenticated attacker can make the site send HTTP requests to internal or external systems on their behalf. The vulnerability requires low privileges and no user interaction. Impact is limited to integrity and availability of the affected component.

What an attacker can do

03 Attacker Capabilities

Make the site send HTTP requests to internal or external systems on the attacker's behalf.

Potential impact on your site

04 Site Impact

An authenticated attacker can probe internal systems or trigger actions on external services via your site.

Conditions required to exploit

05 Prerequisites

Attacker must have a low-privilege account on the site (e.g., subscriber or contributor role).

Key dates

06 Disclosure timeline

February 27, 2026 CVE published
May 11, 2026 Record updated