PT-2026-20219 · WordPress · Context Blog
Jason Carle
·
Published
2026-02-18
·
Updated
2026-02-18
·
CVE-2025-12074
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Context Blog theme for WordPress versions through 1.2.5
Description
The Context Blog theme for WordPress is susceptible to information disclosure in versions up to and including 1.2.5. This is due to inadequate restrictions on post inclusion within the
context blog modal popup, potentially allowing unauthenticated attackers to access data from password-protected, private, or draft posts that they are not authorized to view.Recommendations
Update the Context Blog theme to a version later than 1.2.5.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Context Blog