CVE-2025-12558 | Beaver Builder Plugin up to 2.9.4 on WordPress get_attachment_sizes information disclosure

Inserito da Angelo Barbosa | Dic 9, 2025 | CVE

A vulnerability classified as problematic has been found in Beaver Builder Plugin up to 2.9.4 on WordPress. Impacted is the function get_attachment_sizes. This manipulation causes information disclosure.

This vulnerability is handled as CVE-2025-12558. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-12558 | Beaver Builder Plugin up to 2.9.4 on WordPress get_attachment_sizes information disclosure

Post correlati

CVE-2024-33598 | Twinpictures Annual Archive Plugin up to 1.6.0 on WordPress cross site scripting

CVE-2023-50727 | resque Gem prior 2.6.0 on Ruby Queue Endpoint cross site scripting

CVE-2025-66626 | argoproj argo-workflows ZIP File path traversal

CVE-2024-29502 | Secure Lockdown Multi Application Edition 2.00.219 UNC Path information disclosure