{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12747", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-11-05T14:49:36.149Z", "datePublished": "2025-11-21T16:28:14.277Z", "dateUpdated": "2026-04-08T17:21:09.919Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:21:09.919Z"}, "affected": [{"vendor": "tainacan", "product": "Tainacan", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being exposed in wp-content without adequate protection. This makes it possible for unauthenticated attackers to extract potentially sensitive information from files that have been marked as private."}], "title": "Tainacan <= 1.0.0 - Unauthenticated Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c64869f0-a4dd-4135-8ed8-a6ff82a48e1f?source=cve"}, {"url": "https://github.com/tainacan/tainacan/blob/2491612ee9d5b14baa70862ba2308ee925de0938/src/classes/class-tainacan-private-files.php"}, {"url": "https://github.com/tainacan/tainacan/compare/1.0.0...1.0.1"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-552 Files or Directories Accessible to External Parties", "cweId": "CWE-552", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Deadbee"}], "timeline": [{"time": "2025-11-05T17:29:17.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-11-20T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-21T16:40:17.831575Z", "id": "CVE-2025-12747", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-21T16:40:28.800Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12747", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-21T16:40:17.831575Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-21T16:40:21.810Z"}}], "cna": {"title": "Tainacan <= 1.0.0 - Unauthenticated Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Deadbee"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "tainacan", "product": "Tainacan", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-05T17:29:17.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-11-20T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c64869f0-a4dd-4135-8ed8-a6ff82a48e1f?source=cve"}, {"url": "https://github.com/tainacan/tainacan/blob/2491612ee9d5b14baa70862ba2308ee925de0938/src/classes/class-tainacan-private-files.php"}, {"url": "https://github.com/tainacan/tainacan/compare/1.0.0...1.0.1"}], "descriptions": [{"lang": "en", "value": "The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being exposed in wp-content without adequate protection. This makes it possible for unauthenticated attackers to extract potentially sensitive information from files that have been marked as private."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:21:09.919Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12747", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:21:09.919Z", "dateReserved": "2025-11-05T14:49:36.149Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-21T16:28:14.277Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being exposed in wp-content without adequate protection. This makes it possible for unauthenticated attackers to extract potentially sensitive information from files that have been marked as private."}], "id": "CVE-2025-12747", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-21T17:15:50.053", "references": [{"source": "security@wordfence.com", "url": "https://github.com/tainacan/tainacan/blob/2491612ee9d5b14baa70862ba2308ee925de0938/src/classes/class-tainacan-private-files.php"}, {"source": "security@wordfence.com", "url": "https://github.com/tainacan/tainacan/compare/1.0.0...1.0.1"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c64869f0-a4dd-4135-8ed8-a6ff82a48e1f?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T01:23:38.523897+00:00", "value": {"mitigation_remediation": ["Upgrade the Tainacan plugin to version 1.0.1 or later to apply the vendor patch.", "Configure WordPress to restrict HTTP access to the wp\u2011content directory that holds private files, for example by moving them outside the web root or by applying .htaccess rules to deny direct requests.", "Remove or relocate any pre\u2011existing private files that remain in wp\u2011content, and set appropriate file permissions to prevent unauthenticated access."], "summary": {"action": "Patch Now", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "Affected systems are installations of the Tainacan plugin for WordPress, specifically all versions up to and including 1.0.0. WordPress sites that have deployed these versions and have private files uploaded via Tainacan may have exposed confidential data.", "description_and_impact": "The vulnerability allows any unauthenticated user to read private files uploaded by the Tainacan WordPress plugin, because those files are stored in wp\u2011content without proper protection. The flaw is a direct information exposure that could reveal sensitive documents or data to unintended parties. This defect stems from an improper restriction of access to private resources, as identified by CWE\u2011552.", "risk_and_exploitability": "The CVSS score of 5.3 indicates medium severity, while the EPSS score of <1% suggests a very low probability of exploitation in the wild. The vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation would likely involve the attacker simply requesting the location of a private file in the wp\u2011content directory, a path that is directly accessible because the plugin fails to enforce authentication checks. Therefore the threat is primarily limited to accidental or opportunistic disclosure, though the potential impact could still be significant if sensitive files are compromised."}}}}, "created": "2025-11-24T09:07:51.380038+00:00", "updated": "2026-04-21T01:30:24.393138+00:00", "vendors": ["tainacan", "tainacan$PRODUCT$tainacan", "wordpress", "wordpress$PRODUCT$wordpress"]}