VYPR

FIFU

by Featured Image from URL

CVEs (1)

  • CVE-2025-13393MedJan 10, 2026
    risk 0.21cvss 4.3epss 0.00

    The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.3.1. This is due to insufficient validation of user-supplied URLs before passing them to the getimagesize() function in the Elementor…