{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14793", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-16T17:23:52.261Z", "datePublished": "2026-01-16T06:43:21.806Z", "dateUpdated": "2026-04-08T17:15:53.689Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:15:53.689Z"}, "affected": [{"vendor": "torstenbulk", "product": "DK PDF \u2013 WordPress PDF Generator", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.3.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The DK PDF \u2013 WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."}], "title": "DK PDF \u2013 WordPress PDF Generator <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b062f72a-542c-4212-af83-4faefbf69bd7?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/trunk/modules/Frontend/WordPressIntegration.php?marks=22-25#L22"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/trunk/modules/PDF/Generator.php?marks=24-56#L24"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/tags/2.3.0/modules/PDF/DocumentBuilder.php#L213"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/tags/2.3.0/templates/dkpdf-index.php#L134"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3440588%40dk-pdf&new=3440588%40dk-pdf&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "cweId": "CWE-918", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "baseScore": 5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Athiwat Tiprasaharn"}, {"lang": "en", "type": "finder", "value": "Peerapat Samatathanyakorn"}], "timeline": [{"time": "2025-12-13T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2026-01-15T18:31:31.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-16T13:50:50.188649Z", "id": "CVE-2025-14793", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-16T13:51:11.988Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14793", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-16T13:50:50.188649Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-16T13:51:05.755Z"}}], "cna": {"title": "DK PDF \u2013 WordPress PDF Generator <= 2.3.0 - Authenticated (Author+) Server-Side Request Forgery", "credits": [{"lang": "en", "type": "finder", "value": "Athiwat Tiprasaharn"}, {"lang": "en", "type": "finder", "value": "Peerapat Samatathanyakorn"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}}], "affected": [{"vendor": "torstenbulk", "product": "DK PDF \u2013 WordPress PDF Generator", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.3.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-13T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2026-01-15T18:31:31.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b062f72a-542c-4212-af83-4faefbf69bd7?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/trunk/modules/Frontend/WordPressIntegration.php?marks=22-25#L22"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/trunk/modules/PDF/Generator.php?marks=24-56#L24"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/tags/2.3.0/modules/PDF/DocumentBuilder.php#L213"}, {"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/tags/2.3.0/templates/dkpdf-index.php#L134"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3440588%40dk-pdf&new=3440588%40dk-pdf&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The DK PDF \u2013 WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:15:53.689Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14793", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:15:53.689Z", "dateReserved": "2025-12-16T17:23:52.261Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-01-16T06:43:21.806Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The DK PDF \u2013 WordPress PDF Generator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3.0 via the 'addContentToMpdf' function. This makes it possible for authenticated attackers, author level and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."}, {"lang": "es", "value": "El plugin DK PDF \u2013 WordPress PDF Generator para WordPress es vulnerable a falsificaci\u00f3n de petici\u00f3n del lado del servidor en todas las versiones hasta e incluyendo la 2.3.0 a trav\u00e9s de la funci\u00f3n 'addContentToMpdf'. Esto hace posible que atacantes autenticados, con nivel de autor o superior, realicen peticiones web a ubicaciones arbitrarias originadas desde la aplicaci\u00f3n web y puede ser utilizado para consultar y modificar informaci\u00f3n de servicios internos."}], "id": "CVE-2025-14793", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-01-16T07:15:54.623", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/dk-pdf/tags/2.3.0/modules/PDF/DocumentBuilder.php#L213"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/dk-pdf/tags/2.3.0/templates/dkpdf-index.php#L134"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/dk-pdf/trunk/modules/Frontend/WordPressIntegration.php?marks=22-25#L22"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/dk-pdf/trunk/modules/PDF/Generator.php?marks=24-56#L24"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3440588%40dk-pdf&new=3440588%40dk-pdf&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b062f72a-542c-4212-af83-4faefbf69bd7?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T21:02:58.436315+00:00", "value": {"mitigation_remediation": ["Upgrade the DK PDF \u2013 WordPress PDF Generator plugin to the latest version released after 2.3.0.", "If an upgrade is not immediately possible, remove author or higher privileges from users who can install or configure the plugin, limiting the exposed authority level.", "Implement network segmentation or firewall rules that restrict outbound HTTP/HTTPS traffic from the WordPress server to internal addresses, thereby blocking the plugin\u2019s ability to reach internal resources."], "summary": {"action": "Immediate Patch", "impact": "Server\u2011Side Request Forgery (authenticated)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the DK PDF \u2013 WordPress PDF Generator plugin distributed by torstenbulk for WordPress. All releases up to and including version 2.3.0 are impacted; newer versions beyond 2.3.0 are not listed as affected.", "description_and_impact": "The DK PDF \u2013 WordPress PDF Generator plugin contains a server\u2011side request forgery flaw in its addContentToMpdf function. An authenticated user with author privileges or higher can supply arbitrary URLs, causing the plugin to issue web requests from the application server. This can allow the attacker to interrogate or modify data on internal services, potentially exposing sensitive configuration, credentials, or enabling further internal attacks. The weakness is classed as CWE\u2011918.", "risk_and_exploitability": "The CVSS score of 5 indicates a moderate severity. The EPSS score of less than 1% signals a very low probability of exploitation at the time of analysis, and the flaw is not currently listed in CISA\u2019s KEV catalog. Exploitation requires the attacker to be authenticated with author-level access or higher and to submit a request that triggers the vulnerable function. The potential impact is primarily internal network compromise rather than direct code execution on the server."}}}}, "created": "2026-01-16T13:41:27.975925+00:00", "updated": "2026-04-20T21:15:20.622940+00:00", "vendors": ["torstenbulk", "torstenbulk$PRODUCT$dk_pdf", "wordpress", "wordpress$PRODUCT$wordpress"]}