25 matches found
CVE-2026-39520 WordPress weDocs plugin <= 2.1.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through = 2.1.18...
CVE-2025-13921
The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to unauthorized modification or loss of data due to a missing capability check on the 'wedocsuserdocumentationhandlingcapabilities' function in all versions up to, and including, 2.1.1...
CVE-2025-13921
The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to unauthorized modification or loss of data due to a missing capability check on the 'wedocsuserdocumentationhandlingcapabilities' function in all versions up to, and including, 2.1.1...
CVE-2025-13921
CVE-2025-13921 (weDocs for WordPress) : Wordfence and related feeds confirm that weDocs versions up to 2.1.16 expose an unauthenticated ability to modify or lose documentation data due to a missing capability check in wedocs_user_documentation_handling_capabilities. An authenticated attacker with...
CVE-2025-13921
The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to unauthorized modification or loss of data due to a missing capability check on the 'wedocsuserdocumentationhandlingcapabilities' function in all versions up to, and including, 2.1.1...
WordPress weDocs plugin <= 2.1.16 - Missing Authorization to Authenticated (Subscriber+) Documentation Post Update vulnerability
Missing Authorization to Authenticated Subscriber+ Documentation Post Update vulnerability discovered by blue0x1 in WordPress Plugin weDocs versions = 2.1.16...
PT-2026-4355
The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to unauthorized modification or loss of data due to a missing capability check on the 'wedocs user documentation handling capabilities' function in all versions up to, and including,...
WordPress plugin weDocs has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2025-14574
The weDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.15 via the /wp-json/wp/v2/docs/settings REST API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including third party services API ke...
CVE-2025-14574
The weDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.15 via the /wp-json/wp/v2/docs/settings REST API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including third party services API ke...
CVE-2025-14574 weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.1.15 - Unauthenticated Sensitive Information Exposure
The weDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.15 via the /wp-json/wp/v2/docs/settings REST API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including third party services API ke...
CVE-2025-14574 weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.1.15 - Unauthenticated Sensitive Information Exposure
The weDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.15 via the /wp-json/wp/v2/docs/settings REST API endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including third party services API ke...
CVE-2025-14574
The connected Wordfence entry confirms CVE-2025-14574 affecting the weDocs plugin for WordPress (versions up to 2.1.15) via an unauthenticated exposure at the REST endpoint /wp-json/wp/v2/docs/settings, enabling retrieval of sensitive data including third‑party API keys. The CVSS v3.1 base score ...
PT-2026-1746
Name of the Vulnerable Software and Affected Versions weDocs plugin for WordPress versions prior to 2.1.16 Description The weDocs plugin for WordPress is susceptible to sensitive information disclosure. Unauthenticated attackers can extract sensitive data, including API keys for third-party...
WordPress weDocs plugin <= 2.1.15 - Unauthenticated Sensitive Information Exposure vulnerability
Unauthenticated Sensitive Information Exposure vulnerability discovered by DityaRA in WordPress Plugin weDocs versions = 2.1.15...
CVE-2025-12505
The weDocs plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.1.14. This is due to the plugin not properly verifying that a user is authorized to perform an action in the createitempermissionscheck function. This makes it possible for authenticated...
CVE-2025-12505
The weDocs plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.1.14. This is due to the plugin not properly verifying that a user is authorized to perform an action in the createitempermissionscheck function. This makes it possible for authenticated...
CVE-2025-12505
The weDocs plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.1.14. This is due to the plugin not properly verifying that a user is authorized to perform an action in the createitempermissionscheck function. This makes it possible for authenticated...
CVE-2025-12505 weDocs <= 2.1.14 - Missing Authorization to Settings Update
The weDocs plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.1.14. This is due to the plugin not properly verifying that a user is authorized to perform an action in the createitempermissionscheck function. This makes it possible for authenticated...
WordPress plugin weDocs 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An authorizati...