关键漏洞信息 CVE: CVE-2025-12128 CVSS: 4.3 (Medium) Publicly Published: December 4, 2025 Last Updated: December 5, 2025 Researcher: Jonas Benjamin Friedli 描述 Software Type: Plugin Software Slug: hide-categories-or-products-on-shop-page (view on wordpress.org) Patched?: No Remediation: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement. Affected Version: <= 1.0.7 参考 wordpress.org 其他信息 Bug Bounty Program: Report vulnerabilities in WordPress plugins and themes through our bug bounty program and earn a bounty on all in-scope submissions. Vulnerability Database API: The Wordfence Intelligence Vulnerability Database API is completely free to query and utilize, both personally and commercially.