CVE-2025-58829: Server-Side Request Forgery (SSRF) vulnerability in aitool Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGP
mediumvulnerability
security
Summary
A server-side request forgery vulnerability (SSRF, a flaw where an attacker tricks a server into making unwanted requests to other systems) was discovered in the aitool Ai Auto Tool Content Writing Assistant plugin for WordPress, affecting versions up to 2.2.6. This vulnerability allows attackers to exploit the plugin's ability to make requests on the server's behalf, potentially accessing internal systems or data.
Vulnerability Details
CVSS Score
4.9(medium)
EPSS (30-day exploit probability)
EPSS: 0.0%
Classification
Attack Type
Other
Attack SophisticationModerate
Impact (CIA+S)
confidentialityintegrity
Affected Vendors
Related Issues
Monthly digest — independent AI security research
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-58829
First tracked: February 15, 2026 at 08:50 PM
Classified by LLM (prompt v3) · confidence: 72%