5 matches found
CVE-2026-2025
Mail Mint WordPress plugin versions prior to 1.19.5 contain an information disclosure vulnerability due to missing authorization on a REST API endpoint, allowing unauthenticated users to retrieve email addresses of blog users. Affected versions:
PT-2026-22423
Name of the Vulnerable Software and Affected Versions Statmatic versions prior to 5.73.11 Statmatic versions prior to 6.4.0 Description Statmatic is a Laravel and Git powered content management system CMS. Before versions 5.73.11 and 6.4.0, user email addresses were included in responses from the...
CVE-2025-13741
The Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getAuthors function in all versions up to, and including, 4.9.2. This makes it...
PT-2025-51474
The Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getAuthors function in all versions up to, and including, 4.9.2. This makes it...
CVE-2024-1717
The Admin Notices Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleajaxcall function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to...