VYPR

Featured Image From Content

by WordPress

CVEs (1)

  • CVE-2026-27759MedFeb 27, 2026
    risk 0.34cvss epss 0.00

    Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fetch internal HTTP resources. Attackers can exploit insecure URL fetching and file write operations to retrieve sensitive internal data and store it in web-accessible upload directories.