Exzo Configuration Error Exposes Sensitive Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

Exzo Configuration Error Exposes Sensitive Data

CVE-2025-69393

Summary

Exzo, a website builder, has a security issue that could allow unauthorized access to sensitive information if access control settings are not properly configured. This affects Exzo versions up to 1.2.4. To stay secure, ensure that access control settings are correctly configured in your Exzo installation.

Original title

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through <= 1.2.4.

Original description

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through <= 1.2.4.

nvd CVSS3.1 7.5

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Theme/exzo/vulnerability/wordpress-exz...

Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026