CVE-2026-7385 in Decent Comments Pluginthông tin

Tóm tắt

Bởi MITRE • 20/05/2026

The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attackers to enumerate registered user email addresses.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

chịu trách nhiệm

WPScan

Đặt trước

29/04/2026

Tiết lộ

20/05/2026

Kiểm duyệt

được chấp nhận

mục

VDB-364825

CPE

sẵn sàng

CWE

CWE-200 (Đã xác nhận)

CVSS

5.8 (CISA-ADP)

EPSS

0.00037

KEV

không

Các hoạt động

rất thấp

ngành

Hostingprovider

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7385
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7385
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7385/

◂ Trước Tổng Quan Tiếp theo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!