CVE-2025-68030

High

Published: 22 January 2026

Published

22 January 2026

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

EPSS Score 0.0004 12.0th percentile

Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-68030 is a high-severity SSRF (CWE-918) vulnerability. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 12.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

CA-8 Penetration Testing

addresses: CWE-918

Penetration testing attempts server-side requests to internal resources, identifying SSRF weaknesses for remediation.

SC-7 Boundary Protection

addresses: CWE-918

Outbound connections to external resources can be monitored and limited at the boundary, reducing SSRF impact.

SI-10 Information Input Validation

addresses: CWE-918

Validates server-side URLs and resource references to block SSRF attempts.

SI-4 System Monitoring

addresses: CWE-918

Detects server-side request forgery through monitoring of unexpected outbound connections.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

SSRF in public-facing WordPress plugin directly enables T1190 (Exploit Public-Facing Application) for remote unauthenticated access to internal resources.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Server-Side Request Forgery (SSRF) vulnerability in WP Messiah Frontis Blocks frontis-blocks allows Server Side Request Forgery.This issue affects Frontis Blocks: from n/a through <= 1.1.5.

Deeper analysisAI

CVE-2025-68030 is a Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, in the WP Messiah Frontis Blocks WordPress plugin (frontis-blocks). This issue affects all versions from n/a through 1.1.5. The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N), highlighting its high severity due to network vector, low attack complexity, no privileges required, no user interaction needed, and changed scope with low confidentiality and integrity impacts.

An unauthenticated attacker can exploit this SSRF vulnerability remotely over the network with low complexity and without user interaction. Exploitation enables the attacker to trick the server into making unauthorized requests, potentially accessing internal resources or services, resulting in limited confidentiality and integrity impacts as per the CVSS scoring.

Patchstack has published an advisory with details on this vulnerability, available at https://patchstack.com/database/Wordpress/Plugin/frontis-blocks/vulnerability/wordpress-frontis-blocks-plugin-1-1-5-server-side-request-forgery-ssrf-vulnerability?_s_id=cve.

Details

CWE(s): CWE-918

CVEs Like This One

CVE-2026-7025Shared CWE-918

CVE-2025-21385Shared CWE-918

CVE-2025-52362Shared CWE-918

CVE-2026-31317Shared CWE-918

CVE-2026-5016Shared CWE-918

CVE-2026-26338Shared CWE-918

CVE-2025-58045Shared CWE-918

CVE-2025-27651Shared CWE-918

CVE-2026-39362Shared CWE-918

CVE-2026-5052Shared CWE-918

References

https://patchstack.com/database/Wordpress/Plugin/frontis-blocks/vulnerability/wordpress-frontis-blocks-plugin-1-1-5-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
audit@patchstack.com