{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12525", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-30T16:42:04.778Z", "datePublished": "2025-11-25T07:28:22.250Z", "dateUpdated": "2026-04-08T17:09:27.297Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:09:27.297Z"}, "affected": [{"vendor": "appglut", "product": "Locker Content", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockerco_submit_post' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin."}], "title": "Locker Content <= 1.0.0 - Unauthenticated Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/927f94b0-2a5d-4d17-a05b-7940d7976158?source=cve"}, {"url": "https://wordpress.org/plugins/locker-content/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3400155%40locker-content&new=3400155%40locker-content"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Athiwat Tiprasaharn"}], "timeline": [{"time": "2025-11-24T19:16:22.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-25T14:54:42.393178Z", "id": "CVE-2025-12525", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-25T14:54:49.589Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12525", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-25T14:54:42.393178Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-25T14:54:45.701Z"}}], "cna": {"title": "Locker Content <= 1.0.0 - Unauthenticated Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Athiwat Tiprasaharn"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "appglut", "product": "Locker Content", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-24T19:16:22.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/927f94b0-2a5d-4d17-a05b-7940d7976158?source=cve"}, {"url": "https://wordpress.org/plugins/locker-content/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3400155%40locker-content&new=3400155%40locker-content"}], "descriptions": [{"lang": "en", "value": "The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockerco_submit_post' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:09:27.297Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12525", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:09:27.297Z", "dateReserved": "2025-10-30T16:42:04.778Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-25T07:28:22.250Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockerco_submit_post' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin."}], "id": "CVE-2025-12525", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-25T08:15:48.493", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3400155%40locker-content&new=3400155%40locker-content"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/locker-content/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/927f94b0-2a5d-4d17-a05b-7940d7976158?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T00:25:22.297073+00:00", "value": {"mitigation_remediation": ["Upgrade Locker Content to the latest available version that removes the unauthenticated AJAX exposure", "If upgrading is not immediately possible, temporarily disable or protect the 'lockerco_submit_post' endpoint by adding authentication checks or removing it from the plugin\u2019s code", "Implement a web application firewall rule that blocks unauthenticated POST requests to the 'lockerco_submit_post' endpoint"], "summary": {"action": "Update Plugin", "impact": "Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "The affected product is the Locker Content plugin for WordPress, provided by appglut. Version 1.0.0, as released and listed by the CNA, is vulnerable. Any WordPress site running this version and exposing the AJAX endpoint is at risk.", "description_and_impact": "A recent WordPress plugin, Locker Content, includes an AJAX endpoint named 'lockerco_submit_post' that is accessible without authentication. This endpoint returns the full content of posts that have been protected by the plugin, allowing an attacker to enumerate and download confidential information from a site. The vulnerability is a direct information disclosure weakness, classified under CWE\u2011200. When exploited, the attacker can read any protected post, potentially revealing private data, intellectual property, or sensitive user content.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity, and an EPSS score of less than 1% suggests a low likelihood of exploitation in the near term. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to discover the site URL and then send a simple, unauthenticated POST request to the AJAX endpoint, which is a web\u2011reachable vector. Because the error does not require elevated privileges, the attack could be executed from any network with access to the public site. The overall risk is moderate in impact, but the probability of exploitation is currently low."}}}}, "created": "2025-11-27T09:45:35.426176+00:00", "updated": "2026-04-22T00:30:04.052235+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}