CVE-2025-12747 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being e…
Medium CVSS: 5.3

CVE-2025-12747

The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being exposed in wp-content without adequate protection. This makes it possible for unauthenticated attackers to extract potentially sensitive information from files that have been marked as private.
Vendor
-
Product
-
CWE
CWE-552
Yayın Tarihi
2025-11-21 17:15:50
Güncelleme
2025-11-25 22:16:42
Source Identifier
security@wordfence.com
KEV Date Added
-

Kategoriler

CWE-552 MEDIUM 2025

Referanslar

https://github.com/tainacan/tainacan/blob/2491612ee9d5b14baa70862ba2308ee925de0938/src/classes/class-tainacan-private-files.php https://github.com/tainacan/tainacan/compare/1.0.0...1.0.1 https://www.wordfence.com/threat-intel/vulnerabilities/id/c64869f0-a4dd-4135-8ed8-a6ff82a48e1f?source=cve