Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Unauthenticated network-reachable plugin endpoint with low complexity (AV:N/AC:L/PR:N/UI:N); information disclosure drives C:H while integrity/availability impacts are limited (I:L/A:L), matching the disclosed signals.
Primary rating from vendor (Patchstack).
CVSS Vector (vendor: Patchstack):
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Lifecycle Timeline
Description (CVE.org)
Unauthenticated Multiple Vulnerabilities in BitFire Security <= 5.0.3 versions.
Analysis (AI)
Information disclosure and related weaknesses in the BitFire Security WordPress firewall plugin (versions 5.0.3 and earlier) let remote unauthenticated attackers extract sensitive data and tamper with limited integrity, per a Patchstack-reported advisory. The CVSS 3.1 base score of 8.6 reflects network-reachable, no-privilege exploitation (AV:N/AC:L/PR:N/UI:N) with high confidentiality impact, ironic for a product whose purpose is to harden WordPress sites. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires only that the target WordPress site has the BitFire Security plugin (version 5.0.3 or earlier) installed, active, and reachable over the network. The CVSS vector AV:N/AC:L/PR:N/UI:N indicates no authentication, no user interaction, and low complexity; that is, the default exposure of the plugin's HTTP-accessible endpoints is sufficient. … |
| Risk Assessment | Signals are mixed and partly incomplete. … |
| Exploit Scenario | A remote attacker, without any account or user interaction, sends a crafted HTTP request to a vulnerable plugin endpoint with a malformed or out-of-range quantity/length value, causing BitFire to return sensitive information it should not expose. No public exploit code is currently known, but the low attack complexity and lack of authentication mean the request could be reproduced and automated easily once details are public. |
| Remediation | No vendor-released patched version is identified in the available data, so the recommended action is to consult the Patchstack advisory (https://patchstack.com/database/wordpress/plugin/bitfire/vulnerability/wordpress-bitfire-security-plugin-5-0-3-multiple-vulnerabilities-vulnerability) and the plugin's WordPress.org changelog for any release newer than 5.0.3, and to upgrade to it immediately once confirmed. … |
Recommended Action (AI)
Within 24 hours: Inventory all WordPress installations running BitFire Security versions 5.0.3 or earlier; document sites processing sensitive customer or operational data. …
Same technique: Information Disclosure
EUVD-2026-39698
GHSA-mm42-2mqm-6mqx