Skip to main content

Pushengage Web Push Notifications Ecommerce Automation Amp Chat Widget

1 CVEs product

Monthly

CVE-2026-52698 HIGH This Week

Sensitive data exposure in the PushEngage WordPress plugin (versions <= 4.2.3) allows authenticated low-privileged users to access subscriber information that should remain protected. The flaw, reported by Patchstack and tracked as CWE-201 (Insertion of Sensitive Information Into Sent Data), affects WordPress sites running the Web Push Notifications, eCommerce Automation & Chat Widget plugin and carries a CVSS 3.1 score of 7.4 with a scope change. No public exploit identified at time of analysis.

Information Disclosure Pushengage Web Push Notifications Ecommerce Automation Amp Chat Widget
NVD
CVSS 3.1
7.4
EPSS
0.2%
EPSS 0% CVSS 7.4
HIGH This Week

Sensitive data exposure in the PushEngage WordPress plugin (versions <= 4.2.3) allows authenticated low-privileged users to access subscriber information that should remain protected. The flaw, reported by Patchstack and tracked as CWE-201 (Insertion of Sensitive Information Into Sent Data), affects WordPress sites running the Web Push Notifications, eCommerce Automation & Chat Widget plugin and carries a CVSS 3.1 score of 7.4 with a scope change. No public exploit identified at time of analysis.

Information Disclosure Pushengage Web Push Notifications Ecommerce Automation Amp Chat Widget
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy