CVE-2025-39439

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Apr 17, 2025

CWE ID 497

Summary

CVE-2025-39439 is a vulnerability affecting the Markus Drubba wpLike2Get plugin. This issue exposes sensitive system information to unauthorized control spheres, making it possible for attackers to retrieve embedded sensitive data. The vulnerability exists in versions of wpLike2Get from n/a through 1.2.9. By exploiting this weakness, unauthorized users can gain access to valuable information, potentially leading to significant security risks. It is important for users of this plugin to update to the latest version or consider disabling or removing it from their WordPress installations to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

WordPress

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/5RRyvW
https://www.cve.org/CVERecord?id=CVE-2025-39439
https://nvd.nist.gov/vuln/detail/CVE-2025-39439

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Know What Matters

For Customers

For Partners

CVE-2025-39439

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations