CVE-2025-12129 | CubeWP Plugin up to 1.1.27 on WordPress REST API Endpoint query-new information disclosure

Inserito da Angelo Barbosa | Gen 16, 2026 | CVE

A vulnerability was found in CubeWP Plugin up to 1.1.27 on WordPress. It has been rated as problematic. This vulnerability affects unknown code of the file /cubewp-posts/v1/query-new of the component REST API Endpoint. The manipulation leads to information disclosure.

This vulnerability is listed as CVE-2025-12129. The attack may be initiated remotely. There is no available exploit.

CVE-2025-12129 | CubeWP Plugin up to 1.1.27 on WordPress REST API Endpoint query-new information disclosure

Post correlati

CVE-2023-7191 | S-CMS up to 2.0_build20220529-20231006 member/reg.php M_login/M_email sql injection

CVE-2025-13499 | Wireshark up to 4.4.10/4.6.0 Kafka Dissector uninitialized pointer

CVE-2025-22819 | 4wpbari Qr Code and Barcode Scanner Reader Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2024-35515 | sqlitedict up to 2.1.0 deserialization