{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-18T08:16:10.033","vulnerabilities":[{"cve":{"id":"CVE-2025-6253","sourceIdentifier":"security@wordfence.com","published":"2025-08-12T06:15:26.203","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the prepare_template() function due to a missing capability check and insufficient controls on the filename specified. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."},{"lang":"es","value":"El complemento UiCore Elements – Free Elementor widgets and templates para WordPress es vulnerable a la lectura arbitraria de archivos en todas las versiones hasta la 1.3.0 incluida, mediante la función prepare_template() debido a la falta de una comprobación de capacidad y a la insuficiencia de controles en el nombre de archivo especificado. Esto permite que atacantes no autenticados lean el contenido de archivos arbitrarios en el servidor, que pueden contener información confidencial."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3314574/uicore-elements#file3","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c7cd6e44-bd78-4eb8-bab8-09e2af583222?source=cve","source":"security@wordfence.com"}]}}]}