CVE-2025-8085

Published Sep 8, 2025

Last updated a month ago

CVSS high 8.6
WordPress
Ditty

Overview

Description: The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.
Source: contact@wpscan.com
NVD status: Analyzed
Products: ditty

Risk scores

CVSS 3.1

Type: Secondary
Base score: 8.6
Impact score: 4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-918

Social media

Hype score: Not currently trending
  1. CVE-2025-8085: Unauthenticated SSRF in Ditty WordPress Plugin No permission_callback → unauthenticated access. No filtering or sanitization of source_url. wp_remote_get() blindly fetches the attacker-supplied URL. #BugBounty #Wordpress #CyberSecurity https://t.co/HThxKSOEfR

    @NullSecurityX

    23 Sept 2025


  2. CVE-2025-8085 (CVSS:8.6, HIGH) is Awaiting Analysis. The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoi..https://t.co/OIElYSRflR #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    13 Sept 2025


  3. 📱 CVE-2025-8085: SSRF Vulnerability in WordPress Ditty Plugin Exposes Thousands of Sites 🔍 A critical flaw has been identified in the Ditty plugin for WordPress that allows attackers to send arbitrary requests without requiring authentication. https://t.co/3oKUxp8iOn

    @tpx_Security

    8 Sept 2025


  4. 📱 CVE-2025-8085: SSRF Vulnerability in WordPress Ditty Plugin Exposes Thousands of Sites 🔍 A critical flaw was identified in the Ditty plugin for WordPress that allows attackers to make arbitrary requests without requiring authentication. https://t.co/PEKLEDVEvg

    @tpx_Security

    8 Sept 2025


  5. 🚨 New Research Alert! 🚨 CVE-2025-8085 – Unauthenticated SSRF in the WordPress Ditty plugin could allow attackers to pivot through your server into internal networks! Dive deep into the technical analysis and PoC here 👇 🔗 https://t.co/HThxKSPc5p #WordPress #SSRF #

    @NullSecurityX

    8 Sept 2025


  6. CVE-2025-8085: SSRF in Ditty WordPress plugin, 8.6 rating❗️ The vulnerability allows attackers without authentication to make requests to arbitrary URLs. Search at https://t.co/hv7QKSr5Jp: 👉 Link: https://t.co/Ch7nLlneQj https://t.co/oGYJ8Tel9s

    @Netlas_io

    8 Sept 2025


  7. CVE-2025-8085 Unauthenticated URL Request Vulnerability in Ditty WordPress Plugin Before 3.1.58 https://t.co/8b0NgbSnZn

    @VulmonFeeds

    8 Sept 2025


  8. CVE-2025-8085 The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make re… https://t.co/fEjAG6ZfUK

    @CVEnew

    8 Sept 2025


  9. 🚨 CVE-2025-8085: Unauthenticated SSRF in Ditty WordPress plugin lets anyone make your server fetch internal URLs. Patch to 3.1.58+ now! Full advisory ➡️ https://t.co/wfytyUEGLV #WordPress #infosec #AppSec

    @VolerionSec

    8 Sept 2025



References

Sources include official advisories and independent security research.