Impact
The vulnerability resides in the Share This Image WordPress plugin. The plugin processes image URLs taken from the WordPress Media Library. An attacker can supply a crafted URL that the server hosting the plugin then requests, allowing the server to reach arbitrary internal or external resources. This can be used to enumerate internal services, exfiltrate data, or potentially exploit other vulnerabilities if the fetched content is subsequently processed. The weakness is classified as CWE-918 (Server-Side Request Forgery). The overall impact is that an attacker can force the server to make HTTP or HTTPS requests to targets of their choosing, which can lead to data disclosure or escalation of privileges depending on the target system.
Affected Systems
The plugin version range affected is all releases up to and including 2.14. The plugin is distributed by ILLID under the name Share This Image. Any WordPress installation that has this plugin installed with a version ≤ 2.14 is vulnerable. No specific operating system or WordPress core version is required beyond the presence of the plugin.
Risk and Exploitability
The CVSS score for this vulnerability is 5.4, indicating moderate severity. No EPSS score is available, so there is no data-driven estimate of the likelihood of exploitation. The absence of a KEV listing means there is no public evidence of active exploitation in the wild, but the lack of data does not preclude the possibility. The attack vector is likely the web interface or an exposed plugin endpoint; the goal is to supply a malicious URL that the plugin will resolve and fetch. Successful exploitation would allow an attacker to make the WordPress server act as a proxy, potentially exposing internal resources or enabling subsequent attacks such as local privilege escalation or data exfiltration. The risk is higher if the WordPress host is permitted to make outgoing requests to internal or untrusted networks.
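The mitigation implied by the Impact and Risk sections above is to validate an image URL before the server fetches it: restrict the scheme, restrict the host to the site's own media host, and reject any destination that resolves to a private, loopback or reserved address. The following is an added example of such a check, not code from the Share This Image plugin; the function name, the `$allowed_hosts` parameter and the sample values are hypothetical.

```php
<?php
// Added example (not the plugin's code): decide whether an image URL may be
// fetched server-side. Returns true only for http/https URLs whose host is on
// the allowlist (e.g. the host of wp_upload_dir()['baseurl']) and whose
// resolved addresses are all public.
function example_is_safe_image_url(string $url, array $allowed_hosts): bool {
    $parts = parse_url($url);
    if ($parts === false || empty($parts['scheme']) || empty($parts['host'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;                         // no file://, gopher://, ftp://, ...
    }
    $host = strtolower($parts['host']);
    if (!in_array($host, array_map('strtolower', $allowed_hosts), true)) {
        return false;                         // not the site's own media host
    }
    // A literal IP is checked directly; a hostname is resolved so that a DNS
    // record pointing at 127.0.0.1 or 10.x cannot slip past the allowlist.
    // gethostbynamel() returns IPv4 only; add dns_get_record($host, DNS_AAAA)
    // if the site publishes AAAA records.
    $addrs = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : (gethostbynamel($host) ?: []);
    if ($addrs === []) {
        return false;                         // unresolvable: refuse rather than guess
    }
    foreach ($addrs as $ip) {
        // NO_PRIV_RANGE rejects 10/8, 172.16/12, 192.168/16, fc00::/7;
        // NO_RES_RANGE rejects 127/8, 169.254/16, 0/8, 240/4, ::1, fe80::/10.
        if (filter_var($ip, FILTER_VALIDATE_IP,
                       FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
            return false;
        }
    }
    return true;
}

// Constructed sample values for illustration.
$allowed = ['media.example.org'];
var_dump(example_is_safe_image_url('https://media.example.org/wp-content/uploads/a.jpg', $allowed)); // host allowed, passes if it resolves publicly
var_dump(example_is_safe_image_url('http://169.254.169.254/latest/meta-data/', $allowed));          // false: not on allowlist
var_dump(example_is_safe_image_url('file:///etc/passwd', $allowed));                                // false: scheme rejected
```

Because the resolve-then-fetch sequence leaves a window for the DNS answer to change, the actual fetch should still go through `wp_safe_remote_get()`, which sets `reject_unsafe_urls` and re-validates the destination via `wp_http_validate_url()` at request time.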
OpenCVE Enrichment