{"data":{"id":"c083e2f6-5a9d-4ea7-a288-d38fa57d377f","title":"CVE-2025-58829: Server-Side Request Forgery (SSRF) vulnerability in aitool Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGP","summary":"A server-side request forgery vulnerability (SSRF, a flaw where an attacker tricks a server into making unwanted requests to other systems) was discovered in the aitool Ai Auto Tool Content Writing Assistant plugin for WordPress, affecting versions up to 2.2.6. This vulnerability allows attackers to exploit the plugin's ability to make requests on the server's behalf, potentially accessing internal systems or data.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-58829","publishedAt":"2025-09-05T18:15:55.157Z","cveId":"CVE-2025-58829","cweIds":["CWE-918"],"cvssScore":"4.9","cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Gemini","ChatGPT"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00026,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-664"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.72,"researchCategory":null,"atlasIds":null}}