{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12377", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-28T00:08:29.199Z", "datePublished": "2025-11-13T11:29:03.241Z", "dateUpdated": "2026-04-08T16:58:41.809Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:58:41.809Z"}, "affected": [{"vendor": "smub", "product": "Envira Gallery \u2013 Image Photo Gallery, Albums, Video Gallery, Slideshows & More", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.12.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Gallery Plugin for WordPress \u2013 Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.12.0. This makes it possible for authenticated attackers, with Author-level access and above, to perform multiple actions, such as removing images from arbitrary galleries. The vulnerability was partially patched in version 1.12.0."}], "title": "Gallery Plugin for WordPress \u2013 Envira Photo Gallery <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69a0d985-cc85-45ba-889d-1ed30d06f9ce?source=cve"}, {"url": "https://drive.google.com/file/d/1AgsJeff1x4pQAFVGmoSwwU75iiH4-H_p/view?usp=sharing"}, {"url": "https://plugins.trac.wordpress.org/browser/envira-gallery-lite/trunk/includes/admin/ajax.php"}, {"url": "https://research.cleantalk.org/cve-2025-12377/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3387243/envira-gallery-lite/trunk/includes/admin/ajax.php?old=3133202&old_path=envira-gallery-lite%2Ftrunk%2Fincludes%2Fadmin%2Fajax.php"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3394455%40envira-gallery-lite&old=3387243%40envira-gallery-lite&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Ignatyev"}], "timeline": [{"time": "2025-10-28T00:28:47.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-11-12T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-19T19:20:45.423977Z", "id": "CVE-2025-12377", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-19T19:21:15.000Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12377", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-19T19:20:45.423977Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-13T14:46:02.346Z"}}], "cna": {"title": "Gallery Plugin for WordPress \u2013 Envira Photo Gallery <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions", "credits": [{"lang": "en", "type": "finder", "value": "Dmitrii Ignatyev"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "smub", "product": "Gallery Plugin for WordPress \u2013 Envira Photo Gallery", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.12.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-28T00:28:47.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-11-12T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69a0d985-cc85-45ba-889d-1ed30d06f9ce?source=cve"}, {"url": "https://drive.google.com/file/d/1AgsJeff1x4pQAFVGmoSwwU75iiH4-H_p/view?usp=sharing"}, {"url": "https://plugins.trac.wordpress.org/browser/envira-gallery-lite/trunk/includes/admin/ajax.php"}, {"url": "https://research.cleantalk.org/cve-2025-12377/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3387243/envira-gallery-lite/trunk/includes/admin/ajax.php?old=3133202&old_path=envira-gallery-lite%2Ftrunk%2Fincludes%2Fadmin%2Fajax.php"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3394455%40envira-gallery-lite&old=3387243%40envira-gallery-lite&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Gallery Plugin for WordPress \u2013 Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.12.0. This makes it possible for authenticated attackers, with Author-level access and above, to perform multiple actions, such as removing images from arbitrary galleries. The vulnerability was partially patched in version 1.12.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-12-15T02:21:32.994Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12377", "state": "PUBLISHED", "dateUpdated": "2025-12-19T19:21:15.000Z", "dateReserved": "2025-10-28T00:08:29.199Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-13T11:29:03.241Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Gallery Plugin for WordPress \u2013 Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.12.0. This makes it possible for authenticated attackers, with Author-level access and above, to perform multiple actions, such as removing images from arbitrary galleries. The vulnerability was partially patched in version 1.12.0."}], "id": "CVE-2025-12377", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-13T12:15:48.903", "references": [{"source": "security@wordfence.com", "url": "https://drive.google.com/file/d/1AgsJeff1x4pQAFVGmoSwwU75iiH4-H_p/view?usp=sharing"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/envira-gallery-lite/trunk/includes/admin/ajax.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3387243/envira-gallery-lite/trunk/includes/admin/ajax.php?old=3133202&old_path=envira-gallery-lite%2Ftrunk%2Fincludes%2Fadmin%2Fajax.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3394455%40envira-gallery-lite&old=3387243%40envira-gallery-lite&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://research.cleantalk.org/cve-2025-12377/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69a0d985-cc85-45ba-889d-1ed30d06f9ce?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T11:44:32.444818+00:00", "value": {"mitigation_remediation": ["Upgrade the Envira Gallery plugin to the latest version that contains the complete fix.", "If an upgrade cannot be performed immediately, apply a temporary restriction by revoking gallery\u2011management capabilities from Author-level users or by disabling the gallery features for those roles via role\u2011management tools.", "Use a plugin security monitoring solution to detect unauthorized changes to gallery files and alert site administrators.", "Consider reviewing the site's overall role permissions to ensure users have only the necessary capabilities for their responsibilities."], "summary": {"action": "Upgrade", "impact": "Unauthorized Data Modification"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the smub Envira Gallery \u2013 Image Photo Gallery, Albums, Video Gallery, Slideshows & More plugin, all releases up to and including version 1.12.0. Users should verify the installed plugin version and consider upgrading beyond the affected releases.", "description_and_impact": "The Envira Gallery plugin for WordPress contains a missing capability check that allows an authenticated user with Author-level or higher permissions to modify gallery contents. This gives such an attacker the ability to delete or otherwise alter images in any gallery, potentially compromising the integrity and availability of site media. The weakness is identified as CWE\u2011862: Missing Authorization.", "risk_and_exploitability": "The CVSS score of 4.3 indicates a moderate severity. The EPSS score of less than 1% suggests that exploitation is unlikely at present, and the vulnerability is not currently listed in the CISA KEV catalog. Because the attacker must be authenticated with Author-level access, the attack surface is limited to sites that allow such roles to log in. A compromise would enable manipulation of gallery content but would not provide remote code execution or data exfiltration of other site data."}}}}, "created": "2025-11-13T15:49:58.592627+00:00", "updated": "2026-04-22T12:00:05.915754+00:00", "vendors": ["smub", "smub$PRODUCT$gallery_plugin_for_wordpress", "wordpress", "wordpress$PRODUCT$wordpress"]}