{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28036", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-25T12:13:25.489Z", "datePublished": "2026-03-05T05:54:14.141Z", "dateUpdated": "2026-04-28T17:32:18.546Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "ratatouille", "product": "Ratatouille", "vendor": "SkatDesign", "versions": [{"lessThanOrEqual": "1.2.6", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:05:40.363Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in SkatDesign Ratatouille ratatouille allows Server Side Request Forgery.<p>This issue affects Ratatouille: from n/a through <= 1.2.6.</p>"}], "value": "Server-Side Request Forgery (SSRF) vulnerability in SkatDesign Ratatouille ratatouille allows Server Side Request Forgery.This issue affects Ratatouille: from n/a through <= 1.2.6."}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "Server Side Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:15:04.802Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/ratatouille/vulnerability/wordpress-ratatouille-theme-1-2-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "title": "WordPress Ratatouille theme <= 1.2.6 - Server Side Request Forgery (SSRF) vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T20:51:25.994988Z", "id": "CVE-2026-28036", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T17:32:18.546Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28036", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-05T20:51:25.994988Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T20:50:33.326Z"}}], "cna": {"title": "WordPress Ratatouille theme <= 1.2.6 - Server Side Request Forgery (SSRF) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "Server Side Request Forgery"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SkatDesign", "product": "Ratatouille", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.2.6"}], "packageName": "ratatouille", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:05:40.363Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/ratatouille/vulnerability/wordpress-ratatouille-theme-1-2-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in SkatDesign Ratatouille ratatouille allows Server Side Request Forgery.This issue affects Ratatouille: from n/a through <= 1.2.6.", "supportingMedia": [{"type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in SkatDesign Ratatouille ratatouille allows Server Side Request Forgery.<p>This issue affects Ratatouille: from n/a through <= 1.2.6.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:15:04.802Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28036", "state": "PUBLISHED", "dateUpdated": "2026-04-28T17:32:18.546Z", "dateReserved": "2026-02-25T12:13:25.489Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-05T05:54:14.141Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in SkatDesign Ratatouille ratatouille allows Server Side Request Forgery.This issue affects Ratatouille: from n/a through <= 1.2.6."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n del lado del servidor (SSRF) en SkatDesign Ratatouille ratatouille permite la falsificaci\u00f3n de petici\u00f3n del lado del servidor. Este problema afecta a Ratatouille: desde n/a hasta &lt;= 1.2.6."}], "id": "CVE-2026-28036", "lastModified": "2026-04-22T21:27:27.950", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-05T06:16:36.473", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/ratatouille/vulnerability/wordpress-ratatouille-theme-1-2-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.2.6]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Ratatouille", "source": "cna", "vendor": "SkatDesign"}, "product": "ratatouille", "vendor": "skatdesign"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-15T23:11:53.137798+00:00", "value": {"mitigation_remediation": ["Upgrade the Ratatouille theme to the latest available version (1.2.7 or later) if such an update exists and includes an SSRF fix.", "If no patch is available, remove or disable the Ratatouille theme from the WordPress installation.", "Implement input validation and whitelist checks on any outbound HTTP requests made by WordPress plugins or themes; restrict requests to approved external hosts and block private IP ranges such as 127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, and 172.16.0.0/12.", "Deploy a Web Application Firewall rule that blocks internal network requests or requests to localhost and private network ranges.", "Periodically scan the web application for open SSRF endpoints and update the configuration accordingly."], "summary": {"action": "Assess Impact", "impact": "Server Side Request Forgery"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the WordPress Ratatouille theme from the earliest released builds up to and including version 1.2.6. All installations using SkatDesign Ratatouille theme on WordPress platforms that have not upgraded past 1.2.6 are potentially exposed.", "description_and_impact": "A Server Side Request Forgery (SSRF) flaw exists in the SkatDesign Ratatouille WordPress theme through version 1.2.6. The vulnerability permits a malicious actor to cause the theme to initiate HTTP requests on behalf of the server, potentially accessing internal network resources or sensitive data. This weakness can expose confidential information or serve as a stepping\u2011stone for further exploits against internal services, depending on the configuration of the target environment.", "risk_and_exploitability": "The CVSS score is 6.4, indicating a medium severity. The EPSS score is lower than 1%, suggesting that exploitation is unlikely to be widespread, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is via a crafted request to a WordPress page that triggers the theme\u2019s request handler, which then issues back\u2011end traffic. Exploitation does not appear to require privileged access, but the attacker must be able to deliver a request to the vulnerable site. The lack of a publicly posted exploit and the low EPSS render the risk moderate, though mitigating the issue remains advisable for environments that expose sensitive internal networks."}}}}, "created": "2026-03-06T15:11:18.082170+00:00", "updated": "2026-04-15T23:15:17.767716+00:00", "vendors": ["skatdesign", "skatdesign$PRODUCT$ratatouille", "wordpress", "wordpress$PRODUCT$wordpress"]}