CVE-2025-60188

HIGH NUCLEI

Atarim - Info Disclosure

Title source: llm

Description

Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.1.

Exploits (1)

nomisec WORKING POC 22 stars

by m4sh-wacker · poc

https://github.com/m4sh-wacker/CVE-2025-60188-Atarim-Plugin-Exploit

View Code ZIP pw:eip

Nuclei Templates (1)

Atarim < 4.2.2 - Sensitive Information Exposure

HIGHVERIFIEDby m4sh_wacker

FOFA: body="atarim"

References (2)

[Various Sources] https://github.com/m4sh-wacker/CVE-2025-60188-Atarim-Plugin-Exploit

[Third Party Advisory] https://patchstack.com/database/Wordpress/Plugin/atarim-visual-collaboration/vulnerability/wordpress-atarim-plugin-4-2-sensitive-data-exposure-vulnerability-2?_s_id=cve

Scores

CVSS v3 7.5

EPSS 0.0156

EPSS Percentile 81.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-201

Status published

Products (2)

Vito Peleg/Atarim < <= 4.2

Vito Peleg/Atarim < 4.2.1

Published Nov 06, 2025

Tracked Since Feb 18, 2026