Medium
CVSS 4.4
Overview
Server-Side Request Forgery (SSRF) vulnerability in Kerfred FG Drupal to WordPress allows Server Side Request Forgery. This issue affects FG Drupal to WordPress: from n/a through 3.90.0.
CVE-2025-48294
Server-Side Request Forgery (SSRF) vulnerability in Kerfred FG Drupal to WordPre...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 4.4 (MEDIUM)
- Detected tags: drupal, ssrf, wordpress (tag impact: MODERATE)
Recommended actions:
- Deny access to internal/metadata addresses; use outbound allowlists.