CVE-2025-48138

WordPress BERTHA AI <= 1.12.11 - Broken Access Control Vulnerability

Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BERTHA AI: from n/a through 1.12.11.

We have discovered 9 live websites that are affected by CVE-2025-48138.

Run a Free Instant Scan



Affected Software

Product  Bertha Ai Free
Category Wordpress Plugins
Vulnerable Domains9 live websites (100.00% of Bertha Ai Free install base)
Vulnerable Versions
  • from 0 through 1.12.11
Vulnerable Versions Count1 versions ( 100.00% of all versions)


Common Weakness Enumeration

CWE-862 Missing Authorization



Details

  • Published - May 16, 2025
  • Updated - May 16, 2025

Credits

  • astra.r3verii (Patchstack Alliance) (finder)

CVE-2025-48138 usage by Country

United States6 websites


Romania1 websites
Russia1 websites
Vietnam1 websites

CVE-2025-48138 usage by TLD

.com4 websites
.co.uk2 websites
.net1 websites
.ru1 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2025-48138

Top websites that are affected by CVE-2025-48138. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*************.**.uk United States***,***
*****.ru Russia**,***,***
*********************.**.uk United States**,***,***
*****************.com United States**,***,***
***.ro Romania***,***,***
*********.com United States***,***,***
********************.com United States***,***,***
****.************.com United States***,***,***
*********.net Vietnam***,***,***
See full domain list

FAQ

CVE-2025-48138 is Missing Authorization in Bertha Ai Free
A total of 9 websites have been identified as vulnerable to CVE-2025-48138, based on global website indexing conducted by WebTechSurvey.
The Bertha Ai Free is affected by the CVE-2025-48138 vulnerability.
Bertha Ai Free versions up to and including 1.12.11 are vulnerable to CVE-2025-48138.