Skip to main content

The Tribal

1 CVEs product

Monthly

CVE-2026-39709 MEDIUM This Month

The Tribal WordPress plugin through version 1.3.4 exposes sensitive data in outbound network communications, allowing unauthenticated remote attackers to retrieve embedded sensitive information with low complexity. The vulnerability stems from improper handling of sensitive data before transmission, classified as CWE-201 (Insertion of Sensitive Information Into Sent Data). With an EPSS score of 0.02% and no confirmed active exploitation, this represents a low real-world priority despite the network-accessible attack vector, suggesting the exposure may require specific conditions or have limited practical exploitability.

Information Disclosure The Tribal
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

The Tribal WordPress plugin through version 1.3.4 exposes sensitive data in outbound network communications, allowing unauthenticated remote attackers to retrieve embedded sensitive information with low complexity. The vulnerability stems from improper handling of sensitive data before transmission, classified as CWE-201 (Insertion of Sensitive Information Into Sent Data). With an EPSS score of 0.02% and no confirmed active exploitation, this represents a low real-world priority despite the network-accessible attack vector, suggesting the exposure may require specific conditions or have limited practical exploitability.

Information Disclosure The Tribal
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy