CVE-2025-8680
📋 TL;DR
The B Slider WordPress plugin versions ≤2.0.0 contain a Server-Side Request Forgery (SSRF) vulnerability in the fs_api_request function. Authenticated attackers with subscriber-level access or higher can force the server to make arbitrary web requests, potentially accessing internal services. This affects WordPress sites using vulnerable versions of the B Slider plugin.
💻 Affected Systems
- B Slider - Gutenberg Slider Block for WP
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could query internal services, access sensitive data, perform port scanning, or interact with cloud metadata services to escalate privileges.
Likely Case
Attackers scan internal networks, access internal APIs, or interact with services like AWS metadata endpoints to gather information.
If Mitigated
With proper network segmentation and egress filtering, impact is limited to information disclosure from reachable internal services.
🎯 Exploit Status
Requires authenticated access but only subscriber-level privileges. Exploitation requires understanding of SSRF techniques.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: > 2.0.0
Vendor Advisory: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3343487%40b-slider&new=3343487%40b-slider&sfp_email=&sfph_mail=
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'B Slider - Gutenberg Slider Block for WP'.
4. Click 'Update Now' if available.
5. If no update appears, manually download the latest version from the WordPress plugin repository and replace the plugin files.
🔧 Temporary Workarounds
Disable Plugin
WordPress: Temporarily disable the vulnerable plugin until it is patched
wp plugin deactivate b-slider
Restrict User Registration
WordPress: Prevent new subscriber accounts from being created
Settings → General → Membership: Uncheck 'Anyone can register'
🧯 If You Can't Patch
- Implement network egress filtering to block outbound requests from web servers to internal networks
- Apply WordPress role restrictions to limit subscriber capabilities
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → B Slider version. If the version is ≤2.0.0, the site is vulnerable.
Check Version:
wp plugin get b-slider --field=version
Verify Fix Applied:
Verify plugin version >2.0.0 in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- Unusual outbound HTTP requests from web server to internal IPs
- Multiple HTTP requests to metadata services (169.254.169.254)
Network Indicators:
- Web server making unexpected outbound connections to internal services
- HTTP requests with unusual User-Agent strings from web server IP
SIEM Query:
source="web_server_logs" dest_ip IN (RFC1918_ranges, 169.254.169.254, localhost) AND user_agent="WordPress"
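The SIEM query above expressed as a stand-alone check over egress logs, added here as an example and not part of the advisory or the plugin's code. The log line format and the sample lines are constructed for the example; the destination ranges are the ones the query names (RFC 1918, localhost, 169.254.169.254), and the User-Agent test relies on the WordPress HTTP API's default `WordPress/<version>; <site url>` string.

```python
import ipaddress
import re
from typing import Dict, List

# Destinations the advisory's query looks for: RFC 1918 space, loopback and
# the cloud metadata address.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8",                                     # localhost
    "169.254.169.254/32",                              # cloud metadata service
)]
LOCAL_NAMES = {"localhost"}

# Constructed egress log format (hypothetical, not any vendor's):
# <ts> <host> <src_ip> -> <dst>:<port> <method> <path> "<user_agent>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<host>\S+) (?P<src>\S+) -> (?P<dst>[^\s:]+):(?P<port>\d+) '
    r'(?P<method>\S+) (?P<path>\S+) "(?P<ua>[^"]*)"$'
)

def is_internal(dst: str) -> bool:
    """True if dst is localhost by name or an address inside INTERNAL_NETWORKS."""
    if dst.lower() in LOCAL_NAMES:
        return True
    try:
        addr = ipaddress.ip_address(dst)
    except ValueError:            # a hostname; DNS resolution is out of scope here
        return False
    return any(addr in net for net in INTERNAL_NETWORKS)

def find_ssrf_indicators(lines: List[str]) -> List[Dict[str, str]]:
    """Records matching the query: internal destination AND a WordPress User-Agent."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # unparseable lines are skipped, not treated as hits
        rec = m.groupdict()
        if is_internal(rec["dst"]) and rec["ua"].startswith("WordPress/"):
            rec["indicator"] = "metadata" if rec["dst"] == "169.254.169.254" else "internal"
            hits.append(rec)
    return hits

# Constructed sample lines: one benign plugin-update check, two SSRF-shaped
# requests, and one internal request from a non-WordPress client the query ignores.
SAMPLE_LOG = [
    '2025-09-01T10:00:01Z web01 10.0.5.20 -> api.wordpress.org:443 GET /plugins/info/1.2/ "WordPress/6.6; https://shop.example"',
    '2025-09-01T10:00:07Z web01 10.0.5.20 -> 169.254.169.254:80 GET / "WordPress/6.6; https://shop.example"',
    '2025-09-01T10:00:09Z web01 10.0.5.20 -> 10.0.8.15:8080 GET /status "WordPress/6.6; https://shop.example"',
    '2025-09-01T10:00:12Z web01 10.0.5.20 -> 192.168.1.10:80 GET / "curl/8.5.0"',
]

if __name__ == "__main__":
    for hit in find_ssrf_indicators(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["src"]} -> {hit["dst"]}:{hit["port"]} [{hit["indicator"]}]')
```

Legitimate plugin traffic to public update servers is not flagged, so a hit on an internal destination from the WordPress User-Agent is worth correlating with the plugin's request handler and the authenticated user active at that time.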
🔗 References
- https://plugins.trac.wordpress.org/browser/b-slider/tags/1.1.30/bplugins_sdk/inc/Base/FSActivate.php#L166
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3343487%40b-slider&new=3343487%40b-slider&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ac245316-228e-4508-b3fe-f7071fb1bc8e?source=cve