July 8, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
New Phishing Attack Hides Malicious Link from Outlook Users
June 5, 2025Apache Tomcat DoS Vulnerability PoC Released
June 6, 2025New Phishing Attack Hides Malicious Link from Outlook Users
June 5, 2025Apache Tomcat DoS Vulnerability PoC Released
June 6, 2025
Severity
Medium
Analysis Summary
CVE-2025-46258 CVSS:5.4
Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack Pro: from n/a before 8.0.0.
CVE-2025-46257 CVSS:4.3
Cross-Site Request Forgery (CSRF) vulnerability in BdThemes Element Pack Pro allows Cross Site Request Forgery.This issue affects Element Pack Pro: from n/a before 8.0.0.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2025-46258
CVE-2025-46257
Affected Vendors
- WordPress
Affected Products
- BdThemes Element Pack Pro - n/a
Remediation
Update the WordPress plugin to the latest available version.