CVE-2025-12180 | Qi Blocks Plugin up to 1.4.3 on WordPress REST API Endpoint update-styles update_global_styles_callback authorization

A vulnerability categorized as critical has been discovered in Qi Blocks Plugin up to 1.4.3 on WordPress. Affected by this issue is the function update_global_styles_callback of the file /qi-blocks/v1/update-styles of the component REST API Endpoint. The manipulation results in missing authorization.

This vulnerability is known as CVE-2025-12180. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More