Cyber Resilience

CVE-2024-10705

Severity: Medium
Published: 26 January 2025
Modified: 04 February 2025
KEV added: not listed
Patch: available (see Deeper analysis)
CVSS v3.1 score: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
EPSS score: 0.0033 (24.7th percentile)
Risk priority: 35 (floored blend · peak EPSS)

Summary

CVE-2024-10705 is a medium-severity Server-Side Request Forgery (SSRF, CWE-918) vulnerability in the Themeisle Multiple Page Generator plugin. Its CVSS v3.1 base score is 5.4 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Cloud Instance Metadata API (T1552.005). EPSS ranks it at the 24.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-10705 is a Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, affecting the Multiple Page Generator Plugin (MPG) for WordPress in all versions up to and including 4.0.5. The flaw resides in the 'mpg_download_file_by_link' function, which fails to properly validate user-supplied URLs, allowing the plugin to initiate requests to arbitrary domains from the server's context. The vulnerability carries a CVSS v3.1 base score of 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N), indicating medium severity with low privileges required for exploitation.

Authenticated attackers with editor-level access or higher can exploit this vulnerability to trick the WordPress server into making unauthorized web requests to internal or external locations. This enables potential querying or modification of sensitive information from internal services that are not directly accessible from the internet, such as metadata endpoints or administrative interfaces, without requiring user interaction.

Advisories reference a patch committed in WordPress plugin trac changeset 3205550, which addresses the issue in versions after 4.0.5. Wordfence's threat intelligence page provides additional details on the vulnerability and recommends updating affected installations immediately.


Vulnerability details

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpg_download_file_by_link' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

CWE(s): CWE-918 Server-Side Request Forgery (SSRF)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1552.005 Cloud Instance Metadata API (Credential Access): Adversaries may attempt to access the Cloud Instance Metadata API to collect credentials and other sensitive data.

Why this technique? SSRF directly enables querying of internal metadata endpoints (e.g., the cloud instance metadata API) from the server context without external access.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-42858 (shared CWE-918)
CVE-2026-30832 (shared CWE-918)
CVE-2026-28467 (shared CWE-918)
CVE-2026-38527 (shared CWE-918)
CVE-2026-25545 (shared CWE-918)
CVE-2026-34746 (shared CWE-918)
CVE-2026-25991 (shared CWE-918)
CVE-2026-34367 (shared CWE-918)
CVE-2026-27829 (shared CWE-918)
CVE-2026-6604 (shared CWE-918)

Affected Assets

Vendor: themeisle
Product: multiple page generator
Versions: ≤ 4.0.6

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent): Directly requires validation of user-supplied URLs in the mpg_download_file_by_link function to block SSRF exploitation.

SI-2 Flaw Remediation (prevent): Mandates timely patching of the SSRF flaw in the Multiple Page Generator plugin as referenced in the advisory.

Boundary protection (prevent, detect): Enforces boundary protections like firewalls or WAFs to monitor and block unauthorized outbound requests to internal services from the web server.
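The SI-10 control above, and the deeper analysis of the unvalidated URL in 'mpg_download_file_by_link', both come down to one check: a server-side fetch of a user-supplied URL must be refused unless the URL uses an allowed scheme and every address the host resolves to is public. The following is an added example of that check, written for this page; it is not the plugin's code and not the fix in changeset 3205550. The function name mpg_example_validate_download_url, the resolver parameter and the sample hostnames are hypothetical, and the DNS stub is constructed so the script runs offline.

```php
<?php
declare(strict_types=1);

/**
 * Added example (not the plugin's code): a deny-by-default check of the kind
 * SI-10 calls for before a server-side fetch of a user-supplied URL.
 * Function and parameter names are hypothetical.
 * Returns null when the URL is acceptable, otherwise a reason string.
 */
function mpg_example_validate_download_url(string $url, ?callable $resolver = null): ?string
{
    // Default resolver uses real DNS; the demo below injects a stub so it runs offline.
    $resolver = $resolver ?? static fn(string $host): array => gethostbynamel($host) ?: [];

    $parts = parse_url($url);
    if ($parts === false) {
        return 'unparseable URL';
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    if (!in_array($scheme, ['http', 'https'], true)) {
        return "scheme '$scheme' not allowed (only http/https)";
    }
    if (empty($parts['host'])) {
        return 'missing host';
    }
    if (isset($parts['user']) || isset($parts['pass'])) {
        return 'credentials in URL not allowed';
    }
    $host = strtolower(trim($parts['host'], '[]'));

    // A literal IP is checked directly; a hostname must resolve, and every
    // returned address must pass (a mixed public/private answer is rejected).
    $addresses = filter_var($host, FILTER_VALIDATE_IP) !== false ? [$host] : $resolver($host);
    if ($addresses === []) {
        return "host '$host' does not resolve";
    }
    foreach ($addresses as $ip) {
        // NO_PRIV_RANGE: 10/8, 172.16/12, 192.168/16, fc00::/7
        // NO_RES_RANGE: 0/8, 127/8, 169.254/16 (metadata endpoint), 240/4,
        //               ::1, ::, ::ffff:0:0/96 (IPv4-mapped), fe80::/10
        if (filter_var($ip, FILTER_VALIDATE_IP,
                FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
            return "address $ip is private, loopback or link-local";
        }
        // Shared address space 100.64.0.0/10 (RFC 6598) is not covered by the
        // PHP flags, so mask it by hand.
        if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false
            && (ip2long($ip) & 0xFFC00000) === 0x64400000) {
            return "address $ip is in 100.64.0.0/10";
        }
    }
    return null;
}

// Constructed DNS stub (sample data, not real records) so the demo runs offline.
$stubDns = static fn(string $host): array => [
    'cdn.example.com' => ['203.0.113.10'],
    'intranet.corp'   => ['10.0.0.5'],
    'rebind.example'  => ['203.0.113.11', '127.0.0.1'], // mixed answer: reject
][$host] ?? [];

// Constructed sample inputs: one legitimate download plus the shapes the check must refuse.
$samples = [
    'https://cdn.example.com/export.csv',
    'http://169.254.169.254/latest/meta-data/',
    'http://[::ffff:169.254.169.254]/latest/meta-data/',
    'http://intranet.corp/admin',
    'http://rebind.example/',
    'http://100.100.100.200/latest/meta-data/',
    'file:///etc/passwd',
];
foreach ($samples as $url) {
    $reason = mpg_example_validate_download_url($url, $stubDns);
    printf("%-52s %s\n", $url, $reason === null ? 'ALLOW' : "REJECT: $reason");
}
```

Run it with `php example.php`; only the first sample is allowed. Two design points matter in practice. First, validating the resolved address and then letting the HTTP client resolve again opens a time-of-check/time-of-use window (DNS rebinding); the fetch should connect to the address that was validated (with cURL, CURLOPT_RESOLVE pins it) and any redirect target must go through the same check. Second, WordPress core already ships this policy as wp_safe_remote_get(), which applies wp_http_validate_url() to reject non-HTTP schemes and private or loopback hosts, so a plugin that fetches user-supplied URLs has no reason to call the unsafe fetch path or raw cURL directly.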
