CVE-2025-12134 | ZoloBlocks Plugin up to 2.3.11 on WordPress update_popup_status authorization

October 24, 2025 Yanac

A vulnerability classified as critical has been found in ZoloBlocks Plugin up to 2.3.11 on WordPress. Impacted is the function update_popup_status. The manipulation leads to missing authorization.

This vulnerability is documented as CVE-2025-12134. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-12096 | Simple Excel Pricelist for WooCommerce Plugin up to 1.13 on WordPress Shortcode cross site scripting
CVE-2025-12014 | NGINX Cache Optimizer Plugin up to 1.1 on WordPress Setting authorization