Server-Side Request Forgery Vulnerability in KaizenCoders URL Shortify Plugin
CVE-2026-25385

Currently unrated

Key Information:

Vendor

WordPress
Status
Url Shortify
Vendor
CVE Published:
19 February 2026

What is CVE-2026-25385?

The URL Shortify plugin by KaizenCoders is susceptible to a Server-Side Request Forgery (SSRF) vulnerability that allows attackers to send crafted requests to internal services. This can lead to unauthorized access or manipulation of sensitive resources within the local network, posing a significant security risk. Users of versions up to and including 1.12.3 should take immediate action to mitigate this issue to protect their systems and sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

URL Shortify <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/url-shor...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jitlada | Patchstack Bug Bounty Program
JSON
.