WordPress Plugin Vulnerabilities

Custom Post Type UI < 1.18.1 - Unauthenticated Custom Post Type Modification

Description

The plugin is vulnerable to authorization bypass due to the plugin not verifying that a user has the required capability to perform actions in the "cptui_process_post_type" function. This makes it possible for unauthenticated attackers to add, edit, or delete custom post types in limited situations.

Affects Plugins

Plugin icon
custom-post-type-ui
Fixed in 1.18.1

References

CVE
CVE-2025-12826
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/90d203b1-9426-4eff-b566-02c8a1c6adfa

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
3.7 (low)

Miscellaneous

Original Researcher
mahdi salhi (CaptinSharky01)
Verified
No
WPVDB ID
4b967474-9172-4fa8-8daa-b978ef6d9b8f

Timeline

Publicly Published
2025-12-03 (about 5 months ago)
Added
2025-12-08 (about 5 months ago)
Last Updated
2025-12-08 (about 5 months ago)

Other

Published
Title
Published
2025-04-17
Title
JetElements For Elementor < 2.7.4.2 - Missing Authorization
Published
2023-09-04
Title
WiserNotify Social Proof < 2.6 - Missing Authorization
Published
2025-01-07
Title
The Ultimate WordPress Toolkit – WP Extended < 3.0.12 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting
Published
2024-10-25
Title
PegaPoll <= 1.0.2 - Unauthenticated Arbitrary Options Update
Published
2024-10-24
Title
Templately < 3.1.6 - Missing Authorization via AJAX actions