PT-2025-46785 · WordPress · Comment Edit Core – Simple Comment Editing
Powpy
·
Published
2025-11-13
·
Updated
2025-11-13
·
CVE-2025-12681
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Comment Edit Core – Simple Comment Editing plugin for WordPress versions prior to 3.1.1
Description
The Comment Edit Core – Simple Comment Editing plugin for WordPress is susceptible to exposing sensitive information. An unauthenticated attacker can extract sensitive data, including user IDs, IP addresses, and email addresses, through the
ajax get comment function.Recommendations
Update the Comment Edit Core – Simple Comment Editing plugin to version 3.1.1 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Comment Edit Core – Simple Comment Editing