CVE-2026-39670 — Joshua Nichols

Description

Server-Side Request Forgery (SSRF) vulnerability in Brecht Visual Link Preview visual-link-preview allows Server Side Request Forgery.This issue affects Visual Link Preview: from n/a through <= 2.3.0.

References

https://patchstack.com/database/Wordpress/Plugin/visual-link-preview/vulnerability/wordpress-visual-link-preview-plugin-2-3-0-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

Published: Apr 08, 2026 09:16 UTC Modified: Apr 08, 2026 21:26 UTC