Simple History
Monthly
Simple History WordPress plugin versions 5.24.0 and earlier expose sensitive information through embedded data in sent communications, allowing remote unauthenticated attackers to retrieve confidential details with low attack complexity. The vulnerability stems from improper handling of sensitive data in network transmissions and affects all installations of the plugin up to the stated version. EPSS score of 0.02% indicates minimal real-world exploitation likelihood despite the information disclosure nature.
A vulnerability was found in Simple History Plugin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Simple History WordPress plugin versions 5.24.0 and earlier expose sensitive information through embedded data in sent communications, allowing remote unauthenticated attackers to retrieve confidential details with low attack complexity. The vulnerability stems from improper handling of sensitive data in network transmissions and affects all installations of the plugin up to the stated version. EPSS score of 0.02% indicates minimal real-world exploitation likelihood despite the information disclosure nature.
A vulnerability was found in Simple History Plugin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.