PT-2025-47998 · WordPress · Wordpress Locker Content
Athiwat Tiprasaharn
·
Published
2025-11-25
·
Updated
2025-11-25
·
CVE-2025-12525
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
WordPress Locker Content plugin version 1.0.0
Description
The software is susceptible to unauthorized disclosure of sensitive information. An unauthenticated attacker can extract content from protected posts by exploiting the
lockerco submit post API endpoint.Recommendations
Update to a newer version that contains a fix for this vulnerability.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wordpress Locker Content