Sensitive Data Exposure in NordicMade Savoy Theme
CVE-2025-54736

5.3MEDIUM

Key Information:

Vendor: WordPress
Status: Savoy
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-54736?

The NordicMade Savoy theme contains a vulnerability that allows unauthorized access to embedded sensitive data, potentially exposing critical information to malicious actors. This issue impacts all versions from n/a up to 3.0.8, making it essential for users to ensure their installations are secure and updated to mitigate risks associated with data leakage.

Affected Version(s)

Savoy <= 3.0.8

References

https://patchstack.com/database/wordpress/theme/savoy/vul...

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Jul 28, 2025

Credit

Ananda Dhakal (Patchstack)

WordPress

What is CVE-2025-54736?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit