WordPress GetContentFromURL plugin server-side request forgery vulnerability

The WordPress GetContentFromURL plugin is a tool that allows users to grab content from other websites and display it on WordPress sites with a simple short code. The WordPress GetContentFromURL plugin suffers from a server-side request forgery vulnerability that stems from the use of the...

CVE-2025-14613 GetContentFromURL <= 1.0 - Authenticated (Contributor+) Server-Side Request Forgery via 'url' Shortcode Attribute

The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0. This is due to the plugin using wpremoteget instead of wpsaferemoteget to fetch content from a user-supplied URL in the 'url' parameter of the gcfu shortcode. This...

CVE-2025-14613 GetContentFromURL <= 1.0 - Authenticated (Contributor+) Server-Side Request Forgery via 'url' Shortcode Attribute

The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0. This is due to the plugin using wpremoteget instead of wpsaferemoteget to fetch content from a user-supplied URL in the 'url' parameter of the gcfu shortcode. This...

WordPress plugin GetContentFromURL 代码问题漏洞

The WordPress GetContentFromURL plugin is a tool that allows users to grab content from other websites and display it on WordPress sites with a simple short code. The WordPress GetContentFromURL plugin suffers from a server-side request forgery vulnerability that stems from the use of the...

WordPress GetContentFromURL plugin <= 1.0 - Authenticated (Contributor+) Server-Side Request Forgery via 'url' Shortcode Attribute vulnerability

Authenticated Contributor+ Server-Side Request Forgery via 'url' Shortcode Attribute vulnerability discovered by Ivan Cese in WordPress Plugin GetContentFromURL versions = 1.0...