CVE-2025-58226
published 2025-09-22CVE-2025-58226: Insertion of Sensitive Information Into Sent Data vulnerability in iberezansky 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery…
PriorityP336medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EXPLOIT
EPSS
0.71%
48.7th percentile
Insertion of Sensitive Information Into Sent Data vulnerability in iberezansky 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery interactive-3d-flipbook-powered-physics-engine allows Retrieve Embedded Sensitive Data.This issue affects 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery: from n/a through <= 1.16.16.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure
nuclei
CVE-2025-58226 WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure
WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure
The 3D FlipBook WordPress plugin (≤ v1.16.17) has a vulnerability where an unauthenticated AJAX action (fb3d_send_posts) exposes sensitive data. Attackers can access all flipbook posts—including password-protected content, metadata, PDF URLs, and plugin settings—without authorization.
Template:
id: CVE-2025-58226
info:
name: WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure
author: pussycat0x
severity: medium
description: |
The 3D FlipBook WordPress plugin (≤ v1.16.17) has a vulnerability where an unauthenticated AJAX action (fb3d_send_posts) exposes sensitive data. Attackers can access all flipbook posts—including password-protected content, metadata, PDF URLs, and plugin settings—without a
No writeups or analysis indexed.
2025-09-22
Published