PT-2026-1416 · WordPress · Phlox Theme
Nguyen C
·
Publicado
2026-01-06
·
Atualizado
2026-01-06
·
CVE-2025-13215
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Phlox Theme plugin for WordPress versions through 2.17.13
Description
The Shortcodes and extra features for Phlox theme plugin for WordPress is susceptible to information disclosure. This issue affects the
auxels ajax search component due to inadequate restrictions on post inclusion. An unauthenticated attacker can potentially extract titles of draft posts that they are not authorized to view.Recommendations
Update the Phlox Theme plugin to a version beyond 2.17.13.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Phlox Theme