{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-0969", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-02-02T01:30:03.441Z", "datePublished": "2025-12-13T08:21:13.768Z", "dateUpdated": "2026-04-08T16:54:50.850Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:54:50.850Z"}, "affected": [{"vendor": "themefusecom", "product": "Brizy \u2013 Page Builder", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.7.16", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the get_users() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including email addresses and hashed passwords of administrators."}], "title": "Brizy \u2013 Page Builder <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5987ef13-15d6-4ecf-894c-f22c8726402b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/api.php#L961"}, {"url": "https://wordpress.org/plugins/brizy/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392844"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor", "cweId": "CWE-359", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Matthew Rollings"}], "timeline": [{"time": "2025-12-12T19:57:22.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-15T15:42:53.739388Z", "id": "CVE-2025-0969", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T15:46:32.369Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0969", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-15T15:42:53.739388Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T15:42:54.956Z"}}], "cna": {"title": "Brizy \u2013 Page Builder <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function", "credits": [{"lang": "en", "type": "finder", "value": "Matthew Rollings"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "themefusecom", "product": "Brizy \u2013 Page Builder", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.7.16"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-12T19:57:22.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5987ef13-15d6-4ecf-894c-f22c8726402b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/api.php#L961"}, {"url": "https://wordpress.org/plugins/brizy/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392844"}], "descriptions": [{"lang": "en", "value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the get_users() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including email addresses and hashed passwords of administrators."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-359", "description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:54:50.850Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0969", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:54:50.850Z", "dateReserved": "2025-02-02T01:30:03.441Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-12-13T08:21:13.768Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the get_users() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including email addresses and hashed passwords of administrators."}], "id": "CVE-2025-0969", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-12-13T16:16:44.517", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/api.php#L961"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3392844"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/brizy/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5987ef13-15d6-4ecf-894c-f22c8726402b?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-359"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T13:53:09.837833+00:00", "value": {"mitigation_remediation": ["Upgrade the Brizy \u2013 Page Builder plugin to the latest supported version (2.7.17 or newer).", "If an immediate upgrade is not feasible, revoke Contributor and higher roles from affected users until the plugin can be updated, or enforce stricter role permissions so that get_users() cannot be called by those roles.", "Disable the Brizy \u2013 Page Builder plugin on sites that remain vulnerable until the update is applied."], "summary": {"action": "Apply Patch", "impact": "Sensitive Data Exposure of administrator credentials"}, "threat_synthesis": {"affected_systems": "WordPress sites running the Brizy \u2013 Page Builder plugin version 2.7.16 or older are impacted. The plugin is distributed by themefuse.com. No specific sub\u2011versions beyond 2.7.16 have been confirmed as secure; all earlier versions inherit the flaw.", "description_and_impact": "The vulnerability resides in the Brizy \u2013 Page Builder plugin\u2019s use of the get_users() function, which allows an attacker with Contributor\u2011level access or higher to retrieve email addresses and hashed passwords of administrators. This flaw is a classic example of CWE\u2011359: Exposure of Sensitive Information. The primary consequence is the compromise of confidential data, specifically user credentials that can be leveraged for further attacks such as credential stuffing or phishing.", "risk_and_exploitability": "The CVSS score of 6.5 indicates moderate severity, but the EPSS score of less than 1% suggests this issue is not widely exploited in the wild as of now. The vulnerability is not listed in the CISA KEV catalog. The attack requires authenticated access at the Contributor level or higher, making the exploit experience more limited to legitimate users of the site. However, once authenticated, the attacker can read sensitive user data, potentially escalating privileges or compromising other accounts."}}}}, "created": "2025-12-14T21:14:33.563147+00:00", "updated": "2026-04-22T14:00:18.229592+00:00", "vendors": ["brizy", "brizy$PRODUCT$brizy", "brizy$PRODUCT$brizy-page_builder", "wordpress", "wordpress$PRODUCT$wordpress"]}