Skip to main content

Mail Mint

1 CVEs product

Monthly

CVE-2026-27349 MEDIUM This Month

Mail Mint WordPress plugin versions through 1.19.5 exposes sensitive system information to low-privilege authenticated users, enabling retrieval of embedded sensitive data from plugin responses or endpoints. Reported by Patchstack and classified under CWE-497, the flaw requires only a low-privilege WordPress account (PR:L per CVSS vector) over the network with no additional complexity or user interaction. No active exploitation has been confirmed in CISA KEV, and no public exploit code has been identified at time of analysis.

Information Disclosure Mail Mint
NVD
CVSS 3.1
4.3
EPSS
0.0%
EPSS 0% CVSS 4.3
MEDIUM This Month

Mail Mint WordPress plugin versions through 1.19.5 exposes sensitive system information to low-privilege authenticated users, enabling retrieval of embedded sensitive data from plugin responses or endpoints. Reported by Patchstack and classified under CWE-497, the flaw requires only a low-privilege WordPress account (PR:L per CVSS vector) over the network with no additional complexity or user interaction. No active exploitation has been confirmed in CISA KEV, and no public exploit code has been identified at time of analysis.

Information Disclosure Mail Mint
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy