Subscriber Server Side Request Forgery (SSRF) in Kirki <= 6.0.11 versions.
https://patchstack.com/database/wordpress/plugin/kirki/vulnerability/wordpress-kirki-plugin-6-0-11-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Source: Mitre, NVD
Published: 2026-06-26
Updated: 2026-06-26
Base Score: 3.6
Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:N
Severity: Low
Base Score: 4.9
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
Severity: Medium
EPSS: 0.0018
