The Breadcrumb NavXT plugin for WordPress is vulnerable to authorization bypass through user-controlled key in versions up to and including 7.5.0. This is due to the Gutenberg block renderer trusting the $_REQUEST['post_id'] parameter without verification in the includes/blocks/build/breadcrumb-trail/render.php file. This makes it possible for unauthenticated attackers to enumerate and view breadcrumb trails for draft or private posts by manipulating the post_id parameter, revealing post titles and hierarchy that should remain hidden.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Mtekk |
|
| Wordpress |
|
No data.
No data.
References
History
Thu, 19 Feb 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mtekk
Mtekk breadcrumb Navxt Wordpress Wordpress wordpress |
|
| Vendors & Products |
Mtekk
Mtekk breadcrumb Navxt Wordpress Wordpress wordpress |
Thu, 19 Feb 2026 05:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Breadcrumb NavXT plugin for WordPress is vulnerable to authorization bypass through user-controlled key in versions up to and including 7.5.0. This is due to the Gutenberg block renderer trusting the $_REQUEST['post_id'] parameter without verification in the includes/blocks/build/breadcrumb-trail/render.php file. This makes it possible for unauthenticated attackers to enumerate and view breadcrumb trails for draft or private posts by manipulating the post_id parameter, revealing post titles and hierarchy that should remain hidden. | |
| Title | Breadcrumb NavXT <= 7.5.0 - Missing Authorization to Sensitive Information Exposure | |
| Weaknesses | CWE-639 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published:
Updated: 2026-02-19T04:36:13.093Z
Reserved: 2025-12-01T18:55:52.648Z
Link: CVE-2025-13842
Vulnrichment
No data.
NVD
No data.
Redhat
No data.