WordPress Task Scheduler plugin server-side request forgery vulnerability

WordPress Task Scheduler plugin is mainly used to manage and optimize the timed tasks in WordPress such as update checking, cache cleaning, etc., common plugins include WP-Crontrol and WPCron. WordPress Task Scheduler plugin has a server-side request forgery vulnerability, the vulnerability stems...

CVE-2025-10056

The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...

CVE-2025-10056

CVE-2025-10056 concerns the WordPress Task Scheduler plugin. Wordfence reports a Server-Side Request Forgery (SSRF) in all versions up to and including 1.6.3, exploitable via the Check Website task. The vulnerability requires authenticated access at Administrator level or higher, and an attacker ...

CVE-2025-10056 Task Scheduler <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery

The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...

CVE-2025-10056 Task Scheduler <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery

The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...

WordPress Task Scheduler plugin <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery vulnerability

Authenticated Admin+ Blind Server-Side Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Task Scheduler versions = 1.6.3...

WordPress plugin Task Scheduler 代码问题漏洞

WordPress Task Scheduler plugin is mainly used to manage and optimize the timed tasks in WordPress such as update checking, cache cleaning, etc., common plugins include WP-Crontrol and WPCron. WordPress Task Scheduler plugin has a server-side request forgery vulnerability, the vulnerability stems...