CVE-2025-47664

4.4 MEDIUM

📋 TL;DR

This SSRF vulnerability in the ThimPress WP Pipes WordPress plugin allows attackers to make unauthorized requests from the server to internal or external systems. It affects all WordPress sites running WP Pipes versions up to and including 1.4.2. Attackers could potentially access internal services or perform port scanning.

💻 Affected Systems

Products:
  • ThimPress WP Pipes WordPress Plugin
Versions: n/a through 1.4.2
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with vulnerable WP Pipes versions installed and activated.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers access internal services, exfiltrate sensitive data, or pivot to other internal systems through the compromised server.

🟠 Likely Case

Attackers scan internal networks, access metadata services (like AWS IMDS), or make requests to internal APIs.

🟢 If Mitigated

Limited to external requests only, with no access to internal resources due to network segmentation.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

SSRF vulnerabilities typically have low exploitation complexity once the vulnerable endpoint is identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.3 or later

Vendor Advisory: https://patchstack.com/database/wordpress/plugin/wp-pipes/vulnerability/wordpress-wp-pipes-1-4-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find WP Pipes and click 'Update Now'.
4. Verify the version is 1.4.3 or higher.

🔧 Temporary Workarounds

Disable WP Pipes Plugin

all

Temporarily disable the vulnerable plugin until patched.

wp plugin deactivate wp-pipes

Network Segmentation

all

Restrict outbound HTTP/HTTPS requests from web servers to only necessary external services.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block SSRF patterns
  • Restrict server outbound network access using firewall rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins for WP Pipes version. If version is 1.4.2 or lower, you are vulnerable.

Check Version:

wp plugin get wp-pipes --field=version

Verify Fix Applied:

After updating, verify WP Pipes version shows 1.4.3 or higher in WordPress admin.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from the web server to internal IPs or cloud metadata services
  • Connections to unusual ports originating from the web server process

Network Indicators:

  • HTTP requests from web server to internal network ranges
  • Requests to cloud metadata endpoints (169.254.169.254)

SIEM Query:

source="web_server_logs" AND (dest_ip=10.0.0.0/8 OR dest_ip=172.16.0.0/12 OR dest_ip=192.168.0.0/16 OR dest_ip=169.254.169.254)
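As an added example (not part of this advisory or the plugin's code), the same destination check as the SIEM query above, run over constructed egress log lines in Python. It goes slightly beyond the query by also flagging loopback and the full 169.254.0.0/16 link-local block; the log format and sample lines are assumptions.

```python
import ipaddress
import re

# Destinations a web server should normally never call. The first four mirror
# the SIEM query; loopback and the whole link-local block are added because
# SSRF is also used to reach services bound there. /32 is listed before /16 so
# the metadata address reports its own, more specific match.
SUSPICIOUS_NETWORKS = [
    ipaddress.ip_network(n) for n in (
        "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
        "169.254.169.254/32", "169.254.0.0/16", "127.0.0.0/8",
    )
]

# Hypothetical egress log format: "<ts> src=<ip> dst=<ip>:<port> method=<m> url=<u>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>[^:\s]+):(?P<port>\d+) "
    r"method=(?P<method>\S+) url=(?P<url>\S+)$"
)

# Constructed sample lines, not real traffic.
SAMPLE_LOG = """\
2025-06-01T10:00:01Z src=203.0.113.10 dst=93.184.216.34:443 method=GET url=https://example.com/feed.xml
2025-06-01T10:00:05Z src=203.0.113.10 dst=169.254.169.254:80 method=GET url=http://169.254.169.254/latest/meta-data/
2025-06-01T10:00:09Z src=203.0.113.10 dst=10.0.3.7:6379 method=GET url=http://10.0.3.7:6379/
2025-06-01T10:00:12Z src=203.0.113.10 dst=127.0.0.1:8080 method=GET url=http://localhost:8080/admin
2025-06-01T10:00:15Z src=203.0.113.10 dst=198.51.100.20:443 method=GET url=https://cdn.example.net/a.js
"""

def classify_destination(dst):
    """Return the matching suspicious network as a string, or None."""
    try:
        addr = ipaddress.ip_address(dst)
    except ValueError:
        return None  # hostnames are not resolved here; handle them separately
    for net in SUSPICIOUS_NETWORKS:
        if addr in net:
            return str(net)
    return None

def find_ssrf_indicators(log_text):
    """Return (ts, dst, port, url, matched_network) for each suspicious line."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line; production code should count these
        net = classify_destination(m["dst"])
        if net is not None:
            hits.append((m["ts"], m["dst"], int(m["port"]), m["url"], net))
    return hits

if __name__ == "__main__":
    for hit in find_ssrf_indicators(SAMPLE_LOG):
        print("SSRF indicator:", hit)
```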

🔗 References
