CVE-2025-12980
Unknown Unknown - Not Provided
Unauthorized Data Access in PostX Plugin via REST API Endpoint

Publication date: 2025-12-21

Last updated on: 2025-12-21

Assigner: Wordfence

Description
The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/get_dynamic_content/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible for unauthenticated attackers to retrieve sensitive user metadata, including password hashes.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-21
Last Modified
2025-12-21
Generated
2026-06-16
AI Q&A
2025-12-21
EPSS Evaluated
2026-06-15
NVD
CVE-2025-12980
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
wordpress post_grid_gutenberg_blocks 5.0.3
wordpress post_grid_gutenberg_blocks 5.0.4
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX WordPress plugin, where a missing capability check on the '/ultp/v2/get_dynamic_content/' REST API endpoint allows unauthenticated attackers to access sensitive user metadata, including password hashes. Essentially, the plugin did not properly verify if a user was authorized to access certain data, enabling unauthorized data retrieval.

Impact Analysis

The vulnerability can lead to unauthorized disclosure of sensitive user information, such as password hashes. This could allow attackers to compromise user accounts or escalate privileges, potentially leading to further exploitation of the affected WordPress site.

Detection Guidance

You can detect this vulnerability by monitoring for unauthorized access attempts to the '/ultp/v2/get_dynamic_content/' REST API endpoint on your WordPress site. Specifically, look for unauthenticated requests retrieving sensitive user metadata. Using command-line tools like curl or wget, you can test access to this endpoint without authentication to see if sensitive data is returned. For example, you might run: curl -X GET https://yourwordpresssite.com/wp-json/ultp/v2/get_dynamic_content/ and check if sensitive user data or password hashes are returned. Additionally, reviewing web server logs for unusual GET requests to this endpoint from unauthenticated sources can help detect exploitation attempts. [2]

Mitigation Strategies

The immediate mitigation step is to update the Post Grid Gutenberg Blocks (PostX) plugin to version 5.0.4 or later, where the vulnerability is patched. The patch introduces proper access control checks on the REST API endpoint, including capability checks for private, draft, pending, and password-protected posts, preventing unauthorized data access. If updating immediately is not possible, restrict access to the '/ultp/v2/get_dynamic_content/' endpoint via firewall rules or web server configuration to block unauthenticated requests. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12980. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart