Description
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.7.1 via the eb_save_ai_generated_image function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Published: 2025-10-18
Score: 6.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery (SSRF).
Action: Patch Now
AI Analysis

Impact

The Gutenberg Essential Blocks plugin uses the eb_save_ai_generated_image function to generate images. This function accepts a URL parameter and forwards the request to a remote host without validating the target. An authenticated user with Author role or higher can invoke this function, permitting the server to send HTTP requests to arbitrary addresses. This behavior can be leveraged to exfiltrate internal data or modify resource state, matching CWE‑918.

Affected Systems

WordPress plugin Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns, versions up to and including 5.7.1 are affected. The vulnerability exists in all releases from the earliest version through 5.7.1.

Risk and Exploitability

The CVSS score is 6.4, indicating a moderate severity. The EPSS score is below 1%, suggesting a low probability of exploitation at this time, and the issue is not listed in the CISA KEV catalog. Attackers need only authenticated Author‑level access, which is typically granted to content contributors. Once the function is called, the plugin can direct the server to any network location, including internal services, making the exploit practical for internal reconnaissance or denial‑of‑service attacks.

Generated by OpenCVE AI on April 21, 2026 at 02:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Gutenberg Essential Blocks to version 5.7.2 or later, which removes the unsafe URL handling in eb_save_ai_generated_image.
  • Restrict Author‑level permissions for users who do not require access to the image generation feature, limiting the attack surface.
  • Implement network request filtering at the application level (or firewall) to block outbound connections from the WordPress process to internal or sensitive resources, mitigating SSRF exploitation.

Generated by OpenCVE AI on April 21, 2026 at 02:14 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
References

Mon, 20 Oct 2025 20:00:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 20 Oct 2025 13:30:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Wpdevteam
Wpdevteam gutenberg Essential Blocks
Vendors & Products Wordpress
Wordpress wordpress
Wpdevteam
Wpdevteam gutenberg Essential Blocks

Sat, 18 Oct 2025 04:45:00 +0000

Type Values Removed Values Added
Description The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.7.1 via the eb_save_ai_generated_image function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Title Essential Blocks <= 5.7.1 - Authenticated (Author+) Server-Side Request Forgery
Weaknesses CWE-918
References
Metrics cvssV3_1

{'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}

Subscriptions

Wordpress Wordpress
Wpdevteam Gutenberg Essential Blocks
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:25:51.712Z

Reserved: 2025-10-06T09:25:38.394Z

Link: CVE-2025-11361

cve-icon Vulnrichment

Updated: 2025-10-20T16:29:55.533Z

cve-icon NVD

Status : Deferred

Published: 2025-10-18T05:15:33.607

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-11361

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-21T02:15:06Z

Weaknesses