{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-67989", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-15T10:00:44.500Z", "datePublished": "2025-12-16T08:12:59.145Z", "dateUpdated": "2026-04-28T16:14:25.303Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "kerge", "product": "Kerge", "vendor": "LMPixels", "versions": [{"changes": [{"at": "4.1.4", "status": "unaffected"}], "lessThanOrEqual": "4.1.3", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:24:29.271Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in LMPixels Kerge kerge allows Server Side Request Forgery.<p>This issue affects Kerge: from n/a through <= 4.1.3.</p>"}], "value": "Server-Side Request Forgery (SSRF) vulnerability in LMPixels Kerge kerge allows Server Side Request Forgery.This issue affects Kerge: from n/a through <= 4.1.3."}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "Server Side Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:25.303Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/kerge/vulnerability/wordpress-kerge-theme-4-1-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "title": "WordPress Kerge theme <= 4.1.3 - Server Side Request Forgery (SSRF) vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-17T15:34:09.709122Z", "id": "CVE-2025-67989", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T18:10:38.281Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-67989", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-17T15:34:09.709122Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-17T15:34:03.832Z"}}], "cna": {"title": "WordPress Kerge theme <= 4.1.3 - Server Side Request Forgery (SSRF) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "Server Side Request Forgery"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "LMPixels", "product": "Kerge", "versions": [{"status": "affected", "changes": [{"at": "4.1.4", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "4.1.3"}], "packageName": "kerge", "collectionURL": "https://themeforest.net", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:24:29.271Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/kerge/vulnerability/wordpress-kerge-theme-4-1-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in LMPixels Kerge kerge allows Server Side Request Forgery.This issue affects Kerge: from n/a through <= 4.1.3.", "supportingMedia": [{"type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in LMPixels Kerge kerge allows Server Side Request Forgery.<p>This issue affects Kerge: from n/a through <= 4.1.3.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:13:55.355Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67989", "state": "PUBLISHED", "dateUpdated": "2026-04-27T18:10:38.281Z", "dateReserved": "2025-12-15T10:00:44.500Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2025-12-16T08:12:59.145Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in LMPixels Kerge kerge allows Server Side Request Forgery.This issue affects Kerge: from n/a through <= 4.1.3."}], "id": "CVE-2025-67989", "lastModified": "2026-04-27T18:16:52.780", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.7, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2025-12-16T09:16:00.663", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/kerge/vulnerability/wordpress-kerge-theme-4-1-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T22:24:34.042978+00:00", "value": {"mitigation_remediation": ["Upgrade the Kerge theme to version 4.1.4 or later", "Disable any theme options that can trigger outbound HTTP requests", "Configure a web application firewall to block suspicious outgoing requests from WordPress"], "summary": {"action": "Update theme", "impact": "Server Side Request Forgery exposure"}, "threat_synthesis": {"affected_systems": "Affected systems include sites using the LMPixels Kerge theme version 4.1.3 or earlier. The vulnerability description lists all releases up to and including 4.1.3 as impacted, so any installation running one of those versions should be regarded as at risk.", "description_and_impact": "This vulnerability is a Server\u2011Side Request Forgery (SSRF) that is triggered within the Kerge WordPress theme. An attacker can cause the theme to perform outbound HTTP requests to arbitrary URLs from the server, potentially exposing internal networks or data to external parties. The flaw is classified as CWE\u2011918 and could lead to unauthorized data disclosure, internal network probing, or other downstream compromise.", "risk_and_exploitability": "The CVSS score of 5.4 indicates a moderate severity, and the EPSS score of less than 1% suggests the vulnerability is unlikely to be widely exploited at the present moment. The vulnerability is not included in CISA's KEV catalog. Exploitation would likely require an attacker to interact with a component of the theme that parses external URLs or triggers network calls, making the attack vector tied to user input or configuration that enables external resource fetching."}}}}, "created": "2025-12-16T17:08:47.678179+00:00", "updated": "2026-04-27T22:30:14.455422+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}