PT-2026-20219 · WordPress · Context Blog
Jason Carle
·
Publicado
2026-02-18
·
Atualizado
2026-02-18
·
CVE-2025-12074
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Context Blog theme for WordPress versions through 1.2.5
Description
The Context Blog theme for WordPress is susceptible to information disclosure in versions up to and including 1.2.5. This is due to inadequate restrictions on post inclusion within the
context blog modal popup, potentially allowing unauthenticated attackers to access data from password-protected, private, or draft posts that they are not authorized to view.Recommendations
Update the Context Blog theme to a version later than 1.2.5.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Context Blog