AI Score
Confidence
High
EPSS
Percentile
22.6%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
partial
The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner’s email address (which by default is the admin email address) via an unauthenticated crafted request.
[
{
"cpes": [
"cpe:2.3:a:castos:seriously_simple_podcasting:*:*:*:*:*:wordpress:*:*"
],
"vendor": "castos",
"product": "seriously_simple_podcasting",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "3.0.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]