CVE-2025-68043
Published: 2026-02-20
Priority: P2 · 77 · High · 7.3 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L (Attack Vector: Network; Attack Complexity: Low; Privileges Required: None; User Interaction: None; Scope: Unchanged; Confidentiality, Integrity and Availability impact: Low)
Tags: ITW · Exploit · VulnCheck KEV
Exploited in the wild
EPSS: 0.59% (43.7th percentile)
Missing Authorization vulnerability in LottieFiles LottieFiles lottiefiles (the LottieFiles WordPress plugin; vendor LottieFiles, plugin slug lottiefiles) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LottieFiles: from n/a through <= 3.0.0.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lottiefiles | lottiefiles | <= 3.0.0 | — |
Detection & IOCs (extracted from sources)
- An unauthenticated GET request to the LottieFiles REST API settings endpoint returns HTTP 200 with a JSON body containing 'is_block_logged_in', indicating exploitable missing authorization. The check must be made without WordPress session cookies or a REST nonce; an authenticated administrator receiving HTTP 200 is expected behaviour, not a finding.
- The response-body keyword 'is_block_logged_in' in JSON confirms the vulnerable settings endpoint is publicly accessible without authentication.
- Sensitive credential fields 'token', 'apiKey', and 'accessToken' may be leaked in the unauthenticated API response body; extract them with regex patterns.
- No special privileges are required to exploit this vulnerability; any unauthenticated network request to the endpoint is sufficient.
- The vulnerability affects LottieFiles WordPress plugin versions up to and including 3.0.0; versions after 3.0.0 fall outside the affected range, but no fixed version is listed on this page.
- The CVSS score is 7.3 (High) with network attack vector, no privileges required and no user interaction needed, making this remotely exploitable at scale.
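The sources above describe the check in words only. The following Python triage script is an added example (not the page's Nuclei template and not LottieFiles code) that applies the same three tests to responses you have already fetched without WordPress cookies or a REST nonce: HTTP 200, a JSON body containing `is_block_logged_in`, and the credential fields `token`, `apiKey` and `accessToken` extracted by regex. The endpoint path is not given on this page, so the script takes `(host, status, body)` tuples rather than making requests; the sample responses are constructed, and the hostnames, token values and nesting in them are hypothetical.

```python
"""Triage logic for CVE-2025-68043 style responses (added example, not the plugin's code)."""
import json
import re

# Keyword the sources cite as proof that the settings endpoint is exposed.
VULN_MARKER = "is_block_logged_in"

# Credential-looking fields the sources say may appear in the leaked settings.
# A regex is used (as the sources suggest) so extraction still works when the
# body is JSON-like but not strictly parseable, e.g. with trailing debug output.
CRED_RE = re.compile(r'"(token|apiKey|accessToken)"\s*:\s*"([^"]*)"')


def _contains_key(node, key):
    """Recursively search a parsed JSON value for a dict key at any depth."""
    if isinstance(node, dict):
        return key in node or any(_contains_key(v, key) for v in node.values())
    if isinstance(node, list):
        return any(_contains_key(v, key) for v in node)
    return False


def is_vulnerable_response(status, body):
    """True only if an unauthenticated request got HTTP 200 with JSON holding the marker.

    The caller is responsible for having sent the request without session cookies
    or a REST nonce; an authenticated 200 is normal behaviour, not a finding.
    """
    if status != 200:
        return False
    try:
        parsed = json.loads(body)
    except ValueError:
        return False  # HTML error page or other non-JSON body: not the settings payload
    return _contains_key(parsed, VULN_MARKER)


def extract_leaked_credentials(body):
    """Return {field: value} for credential fields present with a non-empty value."""
    return {name: value for name, value in CRED_RE.findall(body) if value}


def triage(responses):
    """responses: iterable of (host, status, body). Returns one finding dict per host."""
    findings = []
    for host, status, body in responses:
        vuln = is_vulnerable_response(status, body)
        leaked = extract_leaked_credentials(body) if vuln else {}
        findings.append({"host": host, "vulnerable": vuln, "leaked_fields": sorted(leaked)})
    return findings


# Constructed sample responses (hypothetical hosts and values, not captured from any real site).
SAMPLES = [
    # Exposed endpoint, leaks an API key; the blank token is not reported.
    ("site-a.example", 200,
     '{"is_block_logged_in": false, "apiKey": "lf_live_abc123", "token": ""}'),
    # Authorization enforced: standard WordPress REST refusal.
    ("site-b.example", 401,
     '{"code":"rest_forbidden","message":"Sorry, you are not allowed to do that.","data":{"status":401}}'),
    # HTTP 200 but an HTML page, so the status code alone would be a false positive.
    ("site-c.example", 200,
     '<!DOCTYPE html><html><body>Not found</body></html>'),
    # Marker nested one level down, with an access token alongside it.
    ("site-d.example", 200,
     '{"settings": {"is_block_logged_in": true, "accessToken": "eyJfakeHeader.fakePayload.fakeSig"}}'),
]

if __name__ == "__main__":
    for finding in triage(SAMPLES):
        print(finding)
```

The HTML and 401 samples show why the status code alone is not enough evidence, and the empty `token` value is dropped so a present-but-blank field is not reported as a leak.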
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
| VulnCheck | — | 7.3 | HIGH | — |
GHSA
GHSA-p52x-wxj2-j8jr · unreviewed · 2026-02-20 · CVE-2025-68043 [HIGH] · CWE-862 (Missing Authorization)
Missing Authorization vulnerability in LottieFiles LottieFiles lottiefiles allows Exploiting Incorrectly Configured Access Control Security Levels
VulnCheck
CVE-2025-68043 [HIGH] · Missing Authorization · 2025 · CVSS 7.3
Affected: LottieFiles LottieFiles
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://tracker.crowdsec.net/cves/CVE-2025-68043
No detection rules found.
Nuclei
CVE-2025-68043 [HIGH] · CVSS 7.3 · LottieFiles WordPress Plugin <= 3.0.0 - Missing Authorization
LottieFiles LottieFiles <= 3.0.0 contains a broken access control vulnerability caused by incorrectly configured access control security levels, letting attackers exploit missing authorization; exploitation requires no special privileges.
Template (the http section is not reproduced on this page):
```yaml
id: CVE-2025-68043

info:
  name: LottieFiles WordPress Plugin <= 3.0.0 - Missing Authorization
  author: pussycat0x
  severity: high
  description: |
    LottieFiles LottieFiles <= 3.0.0 contains a broken access control vulnerability caused by incorrectly configured access control security levels, letting attackers exploit missing authorization, exploit requires no special privileges.
  impact: |
    Attackers can bypass authorization to access or modify restricted resources, potentially leading to data
```