CVE-2025-11917: CWE-918 Server-Side Request Forgery (SSRF) in etruel WPeMatico RSS Feed Fetcher
The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.11 via the wpematico_test_feed() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services.
AI Analysis
Technical Summary
CVE-2025-11917 identifies a Server-Side Request Forgery (SSRF) vulnerability in the WPeMatico RSS Feed Fetcher plugin for WordPress, specifically in the wpematico_test_feed() function. This vulnerability affects all versions up to and including 2.8.11. SSRF vulnerabilities allow an attacker to abuse a vulnerable server to send crafted requests to internal or external systems that the server can reach but the attacker cannot directly access. In this case, an authenticated attacker with at least Subscriber-level privileges can trigger the SSRF without requiring additional user interaction. The attacker can leverage this to make arbitrary HTTP requests originating from the web application server, potentially querying internal services, accessing sensitive data, or modifying information within internal networks. The vulnerability has a CVSS 3.1 base score of 6.4, indicating medium severity, with the vector showing network attack vector, low attack complexity, privileges required, no user interaction, and a scope change. No patches or exploits are currently publicly available, but the risk remains significant due to the potential for internal network reconnaissance and data manipulation. The vulnerability is categorized under CWE-918, which covers SSRF issues. Given the widespread use of WordPress and the popularity of RSS feed plugins, this vulnerability poses a notable risk to websites using WPeMatico, especially those with internal services accessible from the web server.
Potential Impact
For European organizations, this SSRF vulnerability can lead to unauthorized internal network access, potentially exposing sensitive internal services that are not directly accessible from the internet. Attackers could use this to gather information about internal infrastructure, bypass firewall restrictions, or manipulate internal data, impacting confidentiality and integrity. Although availability impact is low, the breach of internal services could facilitate further attacks or data exfiltration. Organizations running WordPress sites with the WPeMatico plugin, especially those integrating internal APIs or services accessible from the web server, are at risk. The medium severity rating reflects the need for attention but also the requirement for some level of authentication, which limits exposure to external unauthenticated attackers. However, given the common practice of granting Subscriber-level access to users or contributors, the attack surface remains significant. This vulnerability could be exploited in targeted attacks against European businesses, government websites, or media outlets relying on WordPress and this plugin.
Mitigation Recommendations
1. Immediately audit WordPress installations to identify the presence of the WPeMatico RSS Feed Fetcher plugin and its version.
2. Restrict or remove the plugin if it is not essential, to reduce attack surface.
3. Monitor for updates from the vendor or WordPress plugin repository and apply patches as soon as they become available.
4. Limit Subscriber-level user accounts and review user privileges to minimize the number of users who can exploit this vulnerability.
5. Implement network segmentation and firewall rules to restrict the web server's ability to access sensitive internal services or administrative interfaces.
6. Use Web Application Firewalls (WAFs) to detect and block suspicious SSRF patterns or unusual outbound requests from the web server.
7. Conduct internal scans and penetration tests to identify whether internal services are exposed or vulnerable to SSRF exploitation.
8. Educate administrators and developers about SSRF risks and secure coding practices to prevent similar issues in custom plugins or themes.
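Recommendation 8 asks for secure coding practices that prevent this class of issue. As an added example (not code from the WPeMatico plugin or its author), the hypothetical WordPress AJAX handler below shows the controls a "test this feed" endpoint needs so that a low-privilege account cannot turn the web server into a proxy: a nonce check, an explicit capability check (the `wp_ajax_*` hook only guarantees the caller is logged in, which a Subscriber satisfies), destination validation through WordPress's own `wp_http_validate_url()`, and the fetch routed through `wp_safe_remote_get()`. The action name `hardened_feed_test`, the nonce name, the POST field `feed_url` and the helper function names are assumptions made for this example; the WordPress API functions are real.

```php
<?php
/**
 * Hardened "test this feed" AJAX handler.
 * Added example for this analysis page; not WPeMatico code.
 * Hypothetical action/nonce/field names: hardened_feed_test, hardened_feed_test_nonce, feed_url.
 */

// Only the authenticated hook is registered; there is deliberately no wp_ajax_nopriv_ variant.
add_action( 'wp_ajax_hardened_feed_test', 'hardened_feed_test_handler' );

function hardened_feed_test_handler() {
	// 1. CSRF: the request must carry a nonce issued to this user for this action.
	check_ajax_referer( 'hardened_feed_test_nonce', 'nonce' );

	// 2. Authorization: configuring feeds is an administrative task. Being logged in is
	//    not enough (Subscribers are logged in), so require a real capability.
	if ( ! current_user_can( 'manage_options' ) ) {
		wp_send_json_error( array( 'message' => 'Insufficient privileges.' ), 403 );
	}

	$raw_url = isset( $_POST['feed_url'] ) ? wp_unslash( $_POST['feed_url'] ) : '';
	$url     = esc_url_raw( $raw_url, array( 'http', 'https' ) );

	// 3. Destination validation: wp_http_validate_url() rejects non-http(s) schemes,
	//    embedded credentials, hosts that are or resolve to loopback / RFC 1918 IPv4
	//    addresses, and ports other than 80, 443 and 8080 (unless the host is the site itself).
	if ( '' === $url || ! wp_http_validate_url( $url ) ) {
		wp_send_json_error( array( 'message' => 'Feed URL rejected.' ), 400 );
	}

	// 4. Fetch with the safe wrapper: wp_safe_remote_get() sets reject_unsafe_urls, so the
	//    same validation is re-applied at request time, and because redirects are re-issued
	//    through the same API with the same arguments, redirect targets are validated too.
	$response = wp_safe_remote_get(
		$url,
		array(
			'timeout'     => 5,
			'redirection' => 2,
			'user-agent'  => 'hardened-feed-test/1.0',
		)
	);

	if ( is_wp_error( $response ) ) {
		// Do not echo the transport error text: it can leak internal hostnames or banners.
		wp_send_json_error( array( 'message' => 'Fetch failed.' ), 502 );
	}

	// 5. Minimal disclosure: report whether the body parses as a feed, never the body itself,
	//    so the endpoint cannot be used to read responses from other hosts.
	$body = wp_remote_retrieve_body( $response );
	$code = (int) wp_remote_retrieve_response_code( $response );

	wp_send_json_success(
		array(
			'status'  => $code,
			'is_feed' => hardened_feed_body_looks_like_feed( $body ),
		)
	);
}

/**
 * Returns true if $body is XML whose root element is an RSS, Atom or RDF feed.
 */
function hardened_feed_body_looks_like_feed( $body ) {
	if ( '' === $body ) {
		return false;
	}
	libxml_use_internal_errors( true );
	// LIBXML_NONET forbids network access during parsing; LIBXML_NOENT is deliberately absent.
	$xml = simplexml_load_string( $body, 'SimpleXMLElement', LIBXML_NONET );
	libxml_clear_errors();
	if ( false === $xml ) {
		return false;
	}
	return in_array( $xml->getName(), array( 'rss', 'feed', 'RDF' ), true );
}
```

Two caveats a reviewer would raise even with this handler in place. First, `wp_http_validate_url()` resolves the hostname once at validation time while the HTTP transport resolves it again when connecting, so a name whose answer changes between the two lookups is not stopped at the application layer; that is why recommendation 5 (egress restrictions on the web server) is not optional. Second, the checks cover IPv4 literal and resolved addresses; if the host has IPv6 connectivity, confirm with a test request against a known-internal IPv6 literal that the outbound filtering in front of the server rejects it as well.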
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-10-17T14:18:30.580Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 690af19c063e7c5f011fbd3c
Added to database: 11/5/2025, 6:41:32 AM
Last enriched: 11/12/2025, 8:05:22 AM
Last updated: 12/19/2025, 8:19:28 PM
Views: 58
Related Threats
- CVE-2025-12874: CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in Quest Coexistence Manager for Notes (Medium)
- CVE-2025-14967: SQL Injection in itsourcecode Student Management System (Medium)
- CVE-2025-14966: SQL Injection in FastAdmin (Medium)
- CVE-2025-14964: Stack-based Buffer Overflow in TOTOLINK T10 (Critical)
- CVE-2025-14965: Path Traversal in 1541492390c yougou-mall (Medium)