What is CVE-2025-12560?

CVE-2025-12560 is a medium-severity vulnerability in Pr-gateway Blog2social: Social Media Auto Post & Scheduler, classified under Server-Side Request Forgery (SSRF). CVSS score: 4.3/10. Published 2025-11-06.

How severe is CVE-2025-12560?

Medium severity. CVSS v3 base score is 4.3 out of 10.

SSRF in Pr-gateway Blog2social: Social Media Auto Post & Scheduler

CVE-2025-12560

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 8.6.0 via the getFullContent() function. This makes it possible for authenticated a…

Vulnerability class: SSRF (Server-Side Request Forgery)

EPSS: 0.000 (11.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N.

Affected products

Pr-gateway Blog2social: Social Media Auto Post & Scheduler — versions 0

Weakness classification (CWE)

CWE-918 — Server-Side Request Forgery (SSRF)

References

Frequently asked questions

What is CVE-2025-12560?: CVE-2025-12560 is a medium-severity vulnerability in Pr-gateway Blog2social: Social Media Auto Post & Scheduler, classified under Server-Side Request Forgery (SSRF). CVSS score: 4.3/10. Published 2025-11-06.
How severe is CVE-2025-12560?: Medium severity. CVSS v3 base score is 4.3 out of 10.