vulnerability
WordPress Plugin: interactive-3d-flipbook-powered-physics-engine: CVE-2025-58226: Exposure of Sensitive Information to an Unauthorized Actor
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Sep 22, 2025 | Oct 9, 2025 | May 5, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Sep 22, 2025
Added
Oct 9, 2025
Modified
May 5, 2026
Description
The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.16.16. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data.
Solution
interactive-3d-flipbook-powered-physics-engine-plugin-cve-2025-58226
References
- https://www.cve.org/CVERecord?id=CVE-2025-58226
- https://www.wordfence.com/threat-intel/vulnerabilities/id/7422e7c6-fe0a-49be-ba9e-d14f66e328d0?source=api-prod
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-30612
- CVE-2025-58226
- https://attackerkb.com/topics/CVE-2025-58226
- CWE-201
- EUVD-EUVD-2025-30612
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.