CVE-2025-9985
Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log FileThe Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.
We have discovered 1,931 live websites that are affected by CVE-2025-9985.
Affected Software
| Product |  Featured Image From Url |
| Category | Wordpress Plugins |
| Vulnerable Domains | 1,931 live websites (63% of Featured Image From Url install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 185 versions ( 98% of all versions) |
Common Weakness Enumeration
CWE-532 Insertion of Sensitive Information into Log FileDetails
- Published - Sep 26, 2025
- Updated - Sep 26, 2025
Credits
- ifoundbug (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-9985 United States | 731 websites |
 Germany | 148 websites |
 Russia | 75 websites |
 GB | 73 websites |
 Iran | 71 websites |
 France | 70 websites |
 Vietnam | 58 websites |
 Sweden | 47 websites |
 Japan | 43 websites |
 Cyprus | 41 websites |
Website Distribution by TLD
Number of websites using CVE-2025-9985| .com | 929 websites |
| .org | 101 websites |
| .net | 84 websites |
| .ru | 63 websites |
| .de | 43 websites |
| .se | 34 websites |
| .dk | 25 websites |
| .nl | 24 websites |
| .co.uk | 24 websites |
| .it | 23 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-9985
Top websites that are affected by CVE-2025-9985. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****************.com |  Singapore | **,*** | |
| ***.***.il |  Israel | **,*** | |
| *****.io | United States | ***,*** | |
| **********.com |  China | ***,*** | |
| **************.vn | Vietnam | ***,*** | |
| *********.com | United States | ***,*** | |
| ****.*************.com | United States | ***,*** | |
| **********.com | Germany | ***,*** | |
| **********.com | United States | ***,*** | |
| **********.com | United States | ***,*** |
FAQ
CVE-2025-9985 is Insertion of Sensitive Information into Log File in Featured Image From Url
A total of 1,931 websites have been identified as vulnerable to CVE-2025-9985, based on global website indexing conducted by WebTechSurvey.
The Featured Image From Url is affected by the CVE-2025-9985 vulnerability.
Featured Image From Url versions up to and including 5.2.7 are vulnerable to CVE-2025-9985.
References
- https://www.wordfence.com/threat-intel/vulnerabilities/id/991d63da-ca6c-400e-beb7-b44cf629abc9?source=cve
- https://plugins.trac.wordpress.org/browser/featured-image-from-url/trunk/admin/log.php?rev=3344903
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3362830%40featured-image-from-url&new=3362830%40featured-image-from-url&sfp_email=&sfph_mail=#file6