Skip to main content

12 Step Meeting List

4 CVEs product

Monthly

CVE-2026-39570 MEDIUM This Month

The AA Web Servant 12 Step Meeting List WordPress plugin through version 3.19.9 exposes sensitive information in sent data, allowing unauthenticated remote attackers to retrieve embedded sensitive data with low confidentiality impact. This information disclosure vulnerability has an EPSS score of 0.02% (5th percentile), indicating minimal real-world exploitation probability despite moderate CVSS scoring.

Information Disclosure 12 Step Meeting List
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-39569 MEDIUM This Month

Broken access control in AA Web Servant 12 Step Meeting List plugin version 3.19.9 and earlier allows authenticated users to view sensitive information by exploiting misconfigured access control security levels. An attacker with low-level privileges can enumerate or access data they should not be permitted to view, exposing confidential meeting or user information. The vulnerability has an EPSS score of 0.02% (4th percentile), indicating low real-world exploitation probability despite the moderate CVSS score of 6.5.

Authentication Bypass 12 Step Meeting List
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-22296 HIGH This Week

Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List.14.28. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass 12 Step Meeting List
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-46641 MEDIUM This Month

Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.14.24. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

SSRF 12 Step Meeting List
NVD
CVSS 3.1
4.9
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM This Month

The AA Web Servant 12 Step Meeting List WordPress plugin through version 3.19.9 exposes sensitive information in sent data, allowing unauthenticated remote attackers to retrieve embedded sensitive data with low confidentiality impact. This information disclosure vulnerability has an EPSS score of 0.02% (5th percentile), indicating minimal real-world exploitation probability despite moderate CVSS scoring.

Information Disclosure 12 Step Meeting List
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Broken access control in AA Web Servant 12 Step Meeting List plugin version 3.19.9 and earlier allows authenticated users to view sensitive information by exploiting misconfigured access control security levels. An attacker with low-level privileges can enumerate or access data they should not be permitted to view, exposing confidential meeting or user information. The vulnerability has an EPSS score of 0.02% (4th percentile), indicating low real-world exploitation probability despite the moderate CVSS score of 6.5.

Authentication Bypass 12 Step Meeting List
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List.14.28. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass 12 Step Meeting List
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.14.24. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

SSRF 12 Step Meeting List
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy