CVE-2025-24556
WordPress MooWoodle plugin <= 3.2.4 - Sensitive Data Exposure vulnerabilityInsertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle allows Retrieve Embedded Sensitive Data. This issue affects MooWoodle: from n/a through 3.2.4.
We have discovered 51 live websites that are affected by CVE-2025-24556.
Affected Software
| Product |  Moowoodle |
| Category | Wordpress Plugins |
| Vulnerable Domains | 51 live websites (55% of Moowoodle install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 7 versions ( 88% of all versions) |
Common Weakness Enumeration
CWE-532 Insertion of Sensitive Information into Log FileDetails
- Published - Feb 3, 2025
- Updated - Feb 3, 2025
Credits
- Joshua Chan (Patchstack Alliance) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-24556 United States | 9 websites |
 Spain | 6 websites |
 France | 6 websites |
 Brazil | 5 websites |
 Russia | 4 websites |
 Germany | 3 websites |
 Italy | 3 websites |
 Chile | 2 websites |
 United Arab Emirates | 1 websites |
 GB | 1 websites |
Website Distribution by TLD
Number of websites using CVE-2025-24556| .com | 17 websites |
| .com.br | 4 websites |
| .es | 3 websites |
| .ru | 3 websites |
| .fr | 2 websites |
| .it | 2 websites |
| .de | 1 websites |
| .net | 1 websites |
| .se | 1 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-24556
Top websites that are affected by CVE-2025-24556. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ****************.ir |  Iran | *,***,*** | |
| *******.******************.academy | Italy | *,***,*** | |
| ***********************.it | France | *,***,*** | |
| ***********.academy |  Indonesia | *,***,*** | |
| ************.com | France | *,***,*** | |
| *********************.es | Spain | *,***,*** | |
| ******.*****.com | United States | *,***,*** | |
| ***************.***.ar |  Singapore | **,***,*** | |
| **********************.com | United States | **,***,*** | |
| **************.com | Spain | **,***,*** |
FAQ
CVE-2025-24556 is Insertion of Sensitive Information into Log File in Moowoodle
A total of 51 websites have been identified as vulnerable to CVE-2025-24556, based on global website indexing conducted by WebTechSurvey.
The Moowoodle is affected by the CVE-2025-24556 vulnerability.
Moowoodle versions up to and including 3.2.4 are vulnerable to CVE-2025-24556.