Access Control Vulnerability in Animated Text Block by bPlugins
CVE-2025-26883

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Animated Text Block
Vendor: CVE Published:; 24 February 2025

What is CVE-2025-26883?

The Animated Text Block plugin developed by bPlugins is susceptible to a missing authorization vulnerability. This security flaw allows attackers to exploit incorrectly configured access control security levels, potentially leading to unauthorized access and manipulation of the plugin's features. The vulnerability affects all versions from n/a through 1.0.7, necessitating immediate attention from website administrators using the plugin to ensure their systems are secure.

Affected Version(s)

Animated Text Block <= 1.0.7

References

https://patchstack.com/database/wordpress/plugin/animated...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 24, 2025
Vulnerability Reserved
Feb 17, 2025

Credit

Peter Thaleikis (Patchstack Alliance)