CVE-2025-3912 – WordPress WS Form LITE Unauthorized Data Access Vulnerability

April 25, 2025

CVE ID : CVE-2025-3912

Published : April 25, 2025, 12:15 p.m. | 2 hours, 46 minutes ago

Description : The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘get_config’ function in all versions up to, and including, 1.10.35. This makes it possible for unauthenticated attackers to read the value of the plugin’s settings, including API keys for integrated services.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-6198 – “TP-Link Modem Lighttpd SNORE Stack Buffer Overflow Vulnerability”

Next Article CVE-2025-2986 – IBM Maximo Asset Management Stored Cross-Site Scripting Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Amazon Gaming Week is LIVE — 7 hand-picked deals with price-busting competitors that you can’t miss!

My favorite Xbox controller is superior to Microsoft’s — Amazon Gaming Week slices the price to below $90 for a limited time

13 of the best RTX gaming laptop deals I’ve found during Amazon Gaming Week

This lightning-fast Linux distro will hook you the moment you try it

Adopt the PACE Framework with IBM watsonx.governance

Adopt the PACE Framework with IBM watsonx.governance

Certifications | A rocket fuel for growth

How Innovative Healthcare Organizations Integrate Clinical Intelligence

Amazon Gaming Week is LIVE — 7 hand-picked deals with price-busting competitors that you can’t miss!

Amazon Gaming Week is LIVE — 7 hand-picked deals with price-busting competitors that you can’t miss!

My favorite Xbox controller is superior to Microsoft’s — Amazon Gaming Week slices the price to below $90 for a limited time

13 of the best RTX gaming laptop deals I’ve found during Amazon Gaming Week

CVE-2025-3912 – WordPress WS Form LITE Unauthorized Data Access Vulnerability

April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Fog Ransomware Directory With Active Directory Exploitation Tools & Scripts Uncovered

Sam Altman predicts agentic AI “clicking around the Internet” — If you trust it not to empty your bank account or delete data

AI Cyberattacks on the Rise: Are Australian Businesses Ready to Defend Themselves?

Best practices for Amazon RDS for SQL Server with Amazon EBS io2 Block Express volumes up to 64 TiB

The best laptop of CES 2025 just launched, and it promises 32 hours of video playback

Microsoft AI Introduces rStar-Math: A Self-Evolved System 2 Deep Thinking Approach that Significantly Boosts the Math Reasoning Capabilities of Small LLMs

NativePHP Windows Builds are Here

Dove eravamo rimasti?

Twilio’s Authy App Breach Exposes Millions of Phone Numbers

CVE-2025-3912 – WordPress WS Form LITE Unauthorized Data Access Vulnerability

Related Posts