Tag: CVE-2025-54352

All the articles with the tag "CVE-2025-54352".

[CVE-2025-54352] WordPress XML-RPC Pingback Leaks Titles of Private and Draft Posts

21 Jul, 2025

A flaw in the longstanding pingback feature exposes the titles of unpublished WordPress content to the internet. An attacker needs nothing more than access to xmlrpc.php to enumerate every confidential headline.

[CVE-2025-54352] WordPress XML-RPC Pingback Leaks Titles of Private and Draft Posts