Ditty
CVE-2025-8085
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.
AnalysisAI
The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.1%.
Technical ContextAI
This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918), which allows attackers to make the server perform requests to unintended internal or external resources. The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs. Affected products include: Metaphorcreations Ditty. Version information: before 3.1.58.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and allowlist destination URLs, block requests to internal networks, use network segmentation.
The Ditty WordPress plugin before 3.1.46 re-introduced a previously fixed security issue (https://wpscan.com/vulnerabili
The Ditty WordPress plugin before 3.1.25 does not sanitise and escape some parameters and generated URLs before outputti
The Ditty (formerly Ditty News Ticker) WordPress plugin before 3.0.15 is affected by a Reflected Cross-Site Scripting (X
The Ditty WordPress plugin before 3.1.36 does not sanitise and escape some of its settings, which could allow high privi
The Ditty WordPress plugin before 3.1.52 does not sanitise and escape some of its settings, which could allow high privi
The Ditty WordPress plugin before 3.1.47 does not sanitise and escape some of its settings, which could allow high privi
The Ditty WordPress plugin before 3.1.43 does not sanitise and escape some of its blocks' settings, which could allow hi
The Ditty WordPress plugin before 3.1.45 does not sanitise and escape some parameters, which could allow users with a ro
Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor pat
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today