{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1043", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-02-04T20:45:04.541Z", "datePublished": "2025-02-20T11:09:30.575Z", "dateUpdated": "2026-04-08T17:18:10.534Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:18:10.534Z"}, "affected": [{"vendor": "awsmin", "product": "Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.7.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."}], "title": "Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b9f8c600-d62d-4f27-ba73-1a77a63859bc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3242370/embed-any-document"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "cweId": "CWE-918", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "timeline": [{"time": "2025-02-09T00:00:00.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-02-19T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-20T14:17:43.861808Z", "id": "CVE-2025-1043", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-20T14:17:51.926Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1043", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-20T14:17:43.861808Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-20T14:17:48.580Z"}}], "cna": {"title": "Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files <= 2.7.5 - Authenticated (Contributor+) Blind Server-Side Request Forgery via embeddoc Shortcode", "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "awsmin", "product": "Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.7.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-02-09T00:00:00.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-02-19T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b9f8c600-d62d-4f27-ba73-1a77a63859bc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3242370/embed-any-document"}], "descriptions": [{"lang": "en", "value": "The Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-02-20T11:09:30.575Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1043", "state": "PUBLISHED", "dateUpdated": "2025-02-20T14:17:51.926Z", "dateReserved": "2025-02-04T20:45:04.541Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-02-20T11:09:30.575Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.5 via the 'embeddoc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."}, {"lang": "es", "value": "El complemento Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files para WordPress es vulnerable a Server-Side Request Forgery en todas las versiones hasta la 2.7.5 incluida a trav\u00e9s del c\u00f3digo corto 'embeddoc'. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, realicen solicitudes web a ubicaciones arbitrarias que se originan en la aplicaci\u00f3n web y se pueden usar para consultar y modificar informaci\u00f3n de servicios internos."}], "id": "CVE-2025-1043", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-02-20T12:15:11.030", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3242370/embed-any-document"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b9f8c600-d62d-4f27-ba73-1a77a63859bc?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T23:50:22.971405+00:00", "value": {"mitigation_remediation": ["Upgrade the Embed Any Document plugin to a version newer than 2.7.5 as soon as a fix is released.", "If an upgrade is not yet available, disable the 'embeddoc' shortcode or remove the plugin, and revoke Contributor or higher roles from users who do not require them.", "Apply firewall rules or network segmentation to prevent the WordPress server from accessing internal IP ranges, limiting the impact of any remaining SSRF.", "Monitor application logs for unexpected outbound HTTP requests and audit access privileges for abuse."], "summary": {"action": "Update Plugin", "impact": "Server\u2011Side Request Forgery"}, "threat_synthesis": {"affected_systems": "All WordPress installations that have the Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Files plugin (developed by awsmin) installed, versions 2.7.5 and below.", "description_and_impact": "The vulnerability is a server\u2011side request forgery (SSRF) that allows an authenticated user with Contributor or higher privileges to trigger outbound HTTP requests from the WordPress site by using the 'embeddoc' shortcode. By supplying a crafted URL, the attacker can have the server query or modify data on arbitrary internal services. The flaw is a classic blind SSRF (CWE-918) and could be leveraged to exfiltrate data or alter configuration on backend services.", "risk_and_exploitability": "The CVSS score of 6.4 indicates a fairly moderate impact, while the EPSS score of <1% suggests that exploitation is unlikely to be widespread at this time. The vulnerability is not listed in CISA's KEV catalog. Attackers would need to first gain Contributor\u2011level or higher access to the site and then insert a malicious shortcode to induce outbound requests, potentially exposing or manipulating internal resources."}}}}, "created": "2026-04-21T00:00:13.378786+00:00", "updated": "2026-04-21T00:00:13.378798+00:00", "vendors": []}