CVE-2025-11891

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

CVE-2025-11894

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.8.1. This makes it possible for unauthenticated attackers to modify several of the plugin's settings li...

EUVD-2025-60975

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.0 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

EUVD-2025-60977

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to modify several of the plugin's settings li...

CVE-2025-11891

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

CVE-2025-11894

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.8.1. This makes it possible for unauthenticated attackers to modify several of the plugin's settings li...

CVE-2025-11891 Shelf Planner <= 2.8.1 - Unauthenticated Information Exposure via Log Files

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

CVE-2025-11891 Shelf Planner <= 2.7.0 - Unauthenticated Information Exposure via Log Files

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.0 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

CVE-2025-11891

CVE-2025-11891 : Shelf Planner (WordPress) up to version 2.7.0 exposes log files publicly, enabling unauthenticated access to sensitive information. Several connected sources (Wordfence, Patchstack, PT Security, CVE listings) corroborate the flaw and patch status. Patch available: Shelf Planner s...

CVE-2025-11894 Shelf Planner <= 2.8.1 - Missing Authorization to Unauthenticated Settings Update

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.8.1. This makes it possible for unauthenticated attackers to modify several of the plugin's settings li...

CVE-2025-11894 Shelf Planner <= 2.7.0 - Missing Authorization to Unauthenticated Settings Update

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to modify several of the plugin's settings li...

CVE-2025-11894

CVE-2025-11894 : The Shelf Planner WordPress plugin (versions

WordPress Shelf Planner plugin <= 2.7.0 - Missing Authorization to Unauthenticated Settings Update vulnerability

Missing Authorization to Unauthenticated Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Shelf Planner versions = 2.7.0...

WordPress Shelf Planner plugin <= 2.7.0 - Unauthenticated Information Exposure via Log Files vulnerability

Unauthenticated Information Exposure via Log Files vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Shelf Planner versions = 2.7.0...

WordPress plugin Shelf Planner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-46264

Name of the Vulnerable Software and Affected Versions Shelf Planner versions 2.7.0 and earlier Description The Shelf Planner plugin for WordPress has a flaw that could expose sensitive information. This is due to publicly exposed log files, potentially allowing unauthenticated attackers to view...

WordPress plugin Shelf Planner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-46265

Name of the Vulnerable Software and Affected Versions Shelf Planner plugin for WordPress versions prior to 2.7.1 Description The Shelf Planner plugin for WordPress is susceptible to unauthorized data modification. This is due to a lack of proper capability checks on several REST API endpoints. An...