CVE-2025-12521
Analytify Pro <= 7.0.3 - Unauthenticated Information ExposureThe Analytify Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.0.3 via the Analytify Tag HTML details. This makes it possible for unauthenticated attackers to extract usernames from source code. While we generally do not assign CVE IDs to username exposure issues, this vendor has specifically requested we consider it a vulnerability.
We have discovered 8,942 live websites that are affected by CVE-2025-12521.
Common Weakness Enumeration
CWE-200 Exposure of Sensitive Information to an Unauthorized ActorDetails
- Published - Oct 31, 2025
- Updated - Nov 3, 2025
Credits
- WPBrigade Support (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-12521 United States | 4,070 websites |
 GB | 650 websites |
 France | 592 websites |
 Germany | 372 websites |
 Norway | 346 websites |
 Poland | 242 websites |
 Netherlands | 218 websites |
 Australia | 204 websites |
 New Zealand | 183 websites |
 Canada | 168 websites |
Website Distribution by TLD
Number of websites using CVE-2025-12521| .com | 4,377 websites |
| .org | 617 websites |
| .co.uk | 341 websites |
| .fr | 299 websites |
| .net | 223 websites |
| .pl | 184 websites |
| .nl | 177 websites |
| .com.au | 177 websites |
| .de | 138 websites |
| .ca | 104 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-12521
Top websites that are affected by CVE-2025-12521. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *************.com | United States | **,*** | |
| ************.org | United States | **,*** | |
| ****.community | United States | **,*** | |
| **************.com | United States | **,*** | |
| ********.**.uk | GB | **,*** | |
| ***.***.my |  Malaysia | **,*** | |
| *********.com |  Cyprus | ***,*** | |
| ******.org | United States | ***,*** | |
| ****.***.br |  Brazil | ***,*** | |
| *****.org | United States | ***,*** |
FAQ
CVE-2025-12521 is Exposure of Sensitive Information to an Unauthorized Actor in Analytify
A total of 8,942 websites have been identified as vulnerable to CVE-2025-12521, based on global website indexing conducted by WebTechSurvey.
The Analytify is affected by the CVE-2025-12521 vulnerability.
Analytify versions up to and including 7.0.3 are vulnerable to CVE-2025-12521.