Information Exposure Vulnerability in Context Blog Theme by WordPress
CVE-2025-12074
5.3MEDIUM
What is CVE-2025-12074?
The Context Blog theme for WordPress contains a vulnerability that allows unauthenticated attackers to access sensitive information from password-protected, private, or draft posts. This issue arises from inadequate restrictions on the 'context_blog_modal_popup' feature, leading to potential data exposure. Users of versions up to and including 1.2.5 are advised to take appropriate measures to secure their sites and apply necessary updates.
Affected Version(s)
Context Blog 0 <= 1.2.5