CVE-2025-6461
Information Exposure in CubeWP Plugin Allows Unauthorized Data Access
Publication date: 2026-01-25
Last updated on: 2026-01-25
Assigner: Wordfence
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cubewp | cubewp_all-in-one_dynamic_content_framework | up to and including 1.1.27 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the CubeWP WordPress plugin allows unauthenticated attackers to use the plugin's search feature to retrieve data from password-protected, private, or draft posts that they should not be able to see. It occurs because the plugin's search query does not properly restrict which posts can appear in results (it is not limited to published, non-password-protected posts), so content that WordPress would normally hide from anonymous visitors is exposed.
How can this vulnerability impact me?
The vulnerability can lead to unauthorized disclosure of sensitive or private content on your WordPress site, including password protected, private, or draft posts. This exposure could compromise confidential information, damage trust, and potentially lead to further security issues if sensitive data is leaked.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability could negatively impact compliance with data protection regulations such as GDPR and HIPAA by allowing unauthorized access to protected personal or sensitive information. Exposing such data without proper authorization may violate privacy requirements and lead to regulatory penalties.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
First confirm the installed version: a site running the CubeWP plugin at version 1.1.27 or earlier is affected. The version is visible in the WordPress admin plugin list, via WP-CLI (`wp plugin list`), or in the plugin's readme. To confirm exposure black-box, create a draft, private, or password-protected test post with a unique title and, from an unauthenticated session, query the plugin's AJAX search for that title; a hit means the search is not restricted to published posts. Take the exact AJAX action name and parameter names from the plugin's own JavaScript (the handler is reported to be in class-cubewp-search-ajax-hooks.php); a request in the shape suggested here, with `cubewp_search` and the `search`/`post_type` parameters unverified, would be `curl -X POST -d 'post_type=any&search=your_test_query' 'https://yourwordpresssite.com/wp-admin/admin-ajax.php?action=cubewp_search'`. For ongoing detection, log requests to wp-admin/admin-ajax.php that carry the search action from unauthenticated clients and review them for high volumes, `post_type=any`, or search terms that match the titles of non-public content. [2]
What immediate steps should I take to mitigate this vulnerability?
The fix is to update the CubeWP plugin to version 1.1.28 or later, where, per the referenced advisory, the search handler sanitizes its input, validates the requested post type, and restricts search queries to published posts only. If updating is not immediately possible, disable the AJAX search feature or restrict it to authenticated users (for example by rejecting unauthenticated requests to the search action in a must-use plugin, or blocking them at the web server or WAF). Treat that as a stopgap, not a fix: any registered user, including subscribers, could still retrieve private and draft content through the search, so apply the update as soon as possible and check the plugin maintainers' advisory for any further guidance. [2]
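As an added illustration (not CubeWP's code, which this page does not show), the following generic WordPress AJAX search handler reproduces the vulnerable pattern the advisory describes beside the hardened form that implements the three fixes listed above, and ends with the interim authenticated-only workaround as a must-use-plugin snippet. The action name `cubewp_search`, the request parameters `search` and `post_type`, and the `example_*` function names are assumptions; substitute the plugin's real names before using any of it.

```php
<?php
// Added example, not CubeWP code. The hook name 'cubewp_search' and the
// 'search'/'post_type' request parameters are assumptions.

// BEFORE: the vulnerable pattern described in the advisory. The request is
// trusted as-is and post_status is not limited, so WP_Query hands private,
// draft and password-protected posts to anonymous callers.
function example_search_vulnerable() {
    $query = new WP_Query( array(
        's'              => $_POST['search'],    // unsanitised
        'post_type'      => $_POST['post_type'], // caller may pass 'any'
        'post_status'    => 'any',               // includes private/draft
        'posts_per_page' => 20,
    ) );
    wp_send_json_success( wp_list_pluck( $query->posts, 'post_title', 'ID' ) );
}

// AFTER: the hardened form matching the fix described for 1.1.28:
// sanitised input, a whitelist of searchable post types, and a query that
// can only return published posts without a password.
function example_search_hardened() {
    $search    = sanitize_text_field( wp_unslash( $_POST['search'] ?? '' ) );
    $post_type = sanitize_key( $_POST['post_type'] ?? 'post' );

    if ( '' === $search ) {
        wp_send_json_error( 'empty search', 400 );
    }

    // Only post types that are public and not excluded from search may be
    // queried; anything else (including 'any') falls back to 'post'.
    $allowed = get_post_types(
        array( 'public' => true, 'exclude_from_search' => false ),
        'names'
    );
    if ( ! isset( $allowed[ $post_type ] ) ) {
        $post_type = 'post';
    }

    $query = new WP_Query( array(
        's'              => $search,
        'post_type'      => $post_type,
        'post_status'    => 'publish',  // never private, draft or pending
        'has_password'   => false,      // drop password-protected posts
        'posts_per_page' => 20,
        'no_found_rows'  => true,
    ) );
    wp_send_json_success( wp_list_pluck( $query->posts, 'post_title', 'ID' ) );
}

// Register the hardened handler for anonymous and logged-in callers alike.
add_action( 'wp_ajax_nopriv_cubewp_search', 'example_search_hardened' );
add_action( 'wp_ajax_cubewp_search',        'example_search_hardened' );

// Interim workaround while the update is pending (drop into a must-use
// plugin): reject anonymous calls to the search action before the plugin's
// own callback runs. Priority 0 runs first, and wp_send_json_error() ends
// the request. This narrows exposure but does not fix it, because any
// registered user can still query non-public posts.
add_action( 'wp_ajax_nopriv_cubewp_search', function () {
    wp_send_json_error( 'login required', 403 );
}, 0 );
```

The `has_password => false` and explicit `post_status => 'publish'` arguments are what actually close the hole; the post-type whitelist and `sanitize_text_field()` call remove the attacker's control over which tables the query touches and what reaches the database, which is the "validating post types" and "sanitizing input" part of the described fix.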