CVE-2025-24751
WordPress CoBlocks plugin <= 3.1.13 - Broken Access Control vulnerabilityMissing Authorization vulnerability in GoDaddy CoBlocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CoBlocks: from n/a through 3.1.13.
We have discovered 180,103 live websites that are affected by CVE-2025-24751.
Affected Software
| Product |  GoDaddy CoBlocks |
| Category | Wordpress Plugins |
| Vulnerable Domains | 180,103 live websites (75.03% of GoDaddy CoBlocks install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 89 versions ( 96.74% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Jan 24, 2025
- Updated - Feb 12, 2025
Credits
- Rafie Muhammad (Patchstack) (finder)
CWE
CVE References
CWE References
CVE-2025-24751 usage by Country
 United States | 172,400 websites |
 Germany | 1,713 websites |
 GB | 1,021 websites |
 Japan | 505 websites |
 France | 464 websites |
 Netherlands | 349 websites |
 Italy | 280 websites |
 Switzerland | 259 websites |
 Canada | 239 websites |
 Spain | 204 websites |
CVE-2025-24751 usage by TLD
| .com | 128,903 websites |
| .org | 13,949 websites |
| .net | 6,005 websites |
| .co.uk | 3,092 websites |
| .ca | 2,310 websites |
| .fr | 1,407 websites |
| .de | 1,253 websites |
| .nl | 927 websites |
| .com.au | 883 websites |
| .ch | 627 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-24751
Top websites that are affected by CVE-2025-24751. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.com | United States | ** | |
| **********.com | United States | *** | |
| ********.com | United States | *,*** | |
| *******.com | United States | *,*** | |
| ***********.com | United States | *,*** | |
| **********.com | United States | *,*** | |
| ********.org | United States | *,*** | |
| ****************.com | United States | *,*** | |
| *****************.org | United States | *,*** | |
| ****.********.com | United States | *,*** |
FAQ
CVE-2025-24751 is Missing Authorization in GoDaddy CoBlocks
A total of 180,103 websites have been identified as vulnerable to CVE-2025-24751, based on global website indexing conducted by WebTechSurvey.
The GoDaddy CoBlocks is affected by the CVE-2025-24751 vulnerability.
GoDaddy CoBlocks versions up to and including 3.1.13 are vulnerable to CVE-2025-24751.