Skip to main content
CVE-2025-11361 MEDIUM This Month

Server-Side Request Forgery in Gutenberg Essential Blocks plugin for WordPress allows authenticated attackers with Author-level or higher privileges to make arbitrary web requests originating from the vulnerable server via the eb_save_ai_generated_image function, enabling reconnaissance and manipulation of internal services. Affects all versions up to 5.7.1 with CVSS 6.4 severity; no active KEV status or public exploit code confirmed at time of analysis.

WordPress SSRF
NVD
CVSS 3.1
6.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy