CVE-2026-22203

Name of the Vulnerable Software and Affected Versions wpDiscuz versions prior to 7.6.47

Description The software contains an information disclosure issue that can lead to the exposure of OAuth secrets. Administrators may unintentionally reveal OAuth secrets when exporting plugin options as JSON. Attackers could obtain exported files containing plaintext API secrets, including fbAppSecret, googleClientSecret, and twitterAppSecret, from sources like support tickets, backups, or version control repositories.

Recommendations Update wpDiscuz to version 7.6.47 or later.