Sensitive Data Exposure in Spotlight - Social Media Feeds by WordPress
CVE-2025-39498

5.3MEDIUM

What is CVE-2025-39498?

A vulnerability in the Spotlight - Social Media Feeds (Premium) plugin allows for the retrieval of embedded sensitive data, potentially exposing user information. This issue occurs in versions from n/a up to 1.7.1 and can lead to serious privacy and data integrity concerns for users and administrators alike.

Affected Version(s)

Spotlight - Social Media Feeds (Premium) <= 1.7.1

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Abdi Pranata (Patchstack Alliance)
.
The Cyber Security Vulnerability Database.