Server-Side Request Forgery Vulnerability in Share This Image by WordPress
CVE-2026-42641

5.4MEDIUM

Key Information:

Vendor: WordPress
Status: Share This Image
Vendor: CVE Published:; 29 April 2026

What is CVE-2026-42641?

The Share This Image plugin for WordPress is vulnerable to a Server-Side Request Forgery (SSRF) issue. This vulnerability allows an attacker to send crafted requests from the server, potentially exposing sensitive information or enabling further attacks within the network. Affected versions include Share This Image up to and including version 2.14. Proper updates and security measures should be taken to mitigate the risks associated with this exploit.

Affected Version(s)

Share This Image 0 <= 2.14

References

https://patchstack.com/database/Wordpress/Plugin/share-th...

vdb-entry

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2026
Vulnerability Reserved
Apr 29, 2026

Credit

권민성 | Patchstack Bug Bounty Program

CVE-2026-42641 Data

JSON