Skip to main content

Instantio

1 CVEs product

Monthly

CVE-2026-39571 MEDIUM This Month

Themefic Instantio WordPress plugin versions up to 3.3.30 expose sensitive system information to unauthenticated remote attackers via an unspecified mechanism that retrieves embedded sensitive data. The vulnerability has a CVSS score of 5.3 with no authentication required and low complexity, enabling confidentiality compromise without requiring user interaction. No public exploit code or active exploitation has been confirmed, and the EPSS score of 0.02% indicates minimal real-world exploitation probability despite the direct remote accessibility.

Information Disclosure Instantio
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Themefic Instantio WordPress plugin versions up to 3.3.30 expose sensitive system information to unauthenticated remote attackers via an unspecified mechanism that retrieves embedded sensitive data. The vulnerability has a CVSS score of 5.3 with no authentication required and low complexity, enabling confidentiality compromise without requiring user interaction. No public exploit code or active exploitation has been confirmed, and the EPSS score of 0.02% indicates minimal real-world exploitation probability despite the direct remote accessibility.

Information Disclosure Instantio
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy