PT-2026-1746 · WordPress · Wedocs
German
·
Publicado
2026-01-09
·
Atualizado
2026-01-09
·
CVE-2025-14574
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
weDocs plugin for WordPress versions prior to 2.1.16
Description
The weDocs plugin for WordPress is susceptible to sensitive information disclosure. Unauthenticated attackers can extract sensitive data, including API keys for third-party services, through the
/wp-json/wp/v2/docs/settings API endpoint. The vulnerable parameter is not specified.Recommendations
Update the weDocs plugin to version 2.1.16 or later.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wedocs