6.9 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.3%
The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user’s account address.
wpscan.com/vulnerability/a224b984-770a-4534-b689-0701b582b388/