4 matches found
CVE-2025-2942
The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title such as from draft and private posts via an unauthenticated AJAX action, allowing attackers to retrieve such information...
WordPress Order Delivery Date Pro for WooCommerce plugin < 12.6.0 - Unauthenticated Arbitrary Post Title Disclosure vulnerability
Unauthenticated Arbitrary Post Title Disclosure vulnerability discovered by Erwan LR WPScan in WordPress Plugin Order Delivery Date for WP e-Commerce versions 12.6.0...
CVE-2025-2942 Order Delivery Date Pro for WooCommerce < 12.6.0 - Unauthenticated Arbitrary Post Title Disclosure
The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title such as from draft and private posts via an unauthenticated AJAX action, allowing attackers to retrieve such information...
CVE-2025-2942 Order Delivery Date Pro for WooCommerce < 12.6.0 - Unauthenticated Arbitrary Post Title Disclosure
The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title such as from draft and private posts via an unauthenticated AJAX action, allowing attackers to retrieve such information...