CVE-2025-54352

LOW

WordPress 3.5-6.8.2 - Unauthenticated Private Post Title Exposure via Pingback XML-RPC Requests

Title source: llm

Exploitation Summary

EIP tracks 4 public exploits for CVE-2025-54352. PoCs published by mufasa4o4, crypcky, yohannslm.

AI-analyzed exploit summary: This repository contains a functional Python script that exploits the XML-RPC Pingback vulnerability in WordPress (CVE-2025-54352). The script sends crafted XML-RPC requests to a target WordPress site, leveraging the pingback.ping method to potentially trigger SSRF or other attacks.

Description

WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior.

Exploits (4)

nomisec · Working PoC · 1 star
by mufasa4o4 · poc
https://github.com/mufasa4o4/XML-RPC-Pingback-Vulnerability

This repository contains a functional Python script that exploits the XML-RPC Pingback vulnerability in WordPress (CVE-2025-54352). The script sends crafted XML-RPC requests to a target WordPress site, leveraging the pingback.ping method to potentially trigger SSRF or other attacks.

Classification: Working PoC (90%)
Attack Type: SSRF
Complexity: Moderate
Reliability: Reliable
Target: WordPress 3.5 through 6.8.2
Authentication: No auth needed
Prerequisites: Target WordPress site with XML-RPC enabled · Source URI for the pingback · Wordlist file for target URIs
Analyzed by devstral-2 on Feb 23, 2026
nomisec · Working PoC · 1 star
by crypcky · poc
https://github.com/crypcky/XML-RPC-Pingback-Vulnerability

This repository contains a functional Python script that exploits the XML-RPC Pingback vulnerability in WordPress (CVE-2025-54352). The script sends crafted XML-RPC requests to a target WordPress site, leveraging the pingback.ping method to potentially trigger SSRF or other attacks.

Classification: Working PoC (90%)
Attack Type: SSRF
Complexity: Moderate
Reliability: Reliable
Target: WordPress 3.5 to 6.8.2
Authentication: No auth needed
Prerequisites: Target WordPress site with XML-RPC enabled · Wordlist file for target URIs
Analyzed by devstral-2 on Feb 19, 2026
nomisec · Working PoC · 1 star
by yohannslm · poc
https://github.com/yohannslm/CVE-2025-54352

This PoC exploits a timing-based side-channel vulnerability in WordPress's XML-RPC pingback functionality to leak private/draft post titles. It uses a brute-force approach with timing analysis to infer characters of the title.

Classification: Working PoC (95%)
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: WordPress (version not specified, but likely affects multiple versions)
Authentication: No auth needed
Prerequisites: WordPress instance with XML-RPC enabled · Network access to the target
Analyzed by devstral-2 on Feb 19, 2026
github · Working PoC
by limmmw · javascript · poc
https://github.com/limmmw/CVE-2025-54352

This repository contains a functional PoC for CVE-2025-54352, which exploits an information leak vulnerability in WordPress to retrieve the titles of private or draft posts. The PoC uses Node.js to send crafted requests to a WordPress instance and extract sensitive data.

Classification: Working PoC (90%)
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: WordPress (version not specified)
Authentication: No auth needed
Prerequisites: WordPress instance with private/draft posts · Node.js environment
Analyzed by devstral-2 on Feb 19, 2026

Scores

CVSS v3: 3.7
EPSS: 0.0031
EPSS Percentile: 22.1%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial

Details

CWE: CWE-669
Status: published
Products (1): WordPress/WordPress 3.5 - 6.8.2
Published: Jul 21, 2025
Tracked Since: Feb 18, 2026