Pz-LinkCard, CVE-2025-8594
- CVE, Research URL
- Home page URL
- Application
- Published on
- Oct 14, 2025
- Research Description
- The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack.
- Affected versions
-
max 2.5.7.
- Status
-
vulnerable