CVE-2025-12057 Blast Radius

CRITICAL • CVSS 9.8The WavePlayer WordPress plugin before 3.8.0 does not have authorization in an AJAX action as well as does not validate the file to be copied locally,

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2025-12057.

Start Free Scan →← Back to CVE-2025-12057