[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foFVgCvoIjPoRNvxpU-xg2_9WDKumqcVVCBcll9yi0nQ":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":9,"research_verified":22,"research_rounds_completed":23,"research_plan":9,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":9,"research_started_at":9,"research_completed_at":9,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":22,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":22,"source_links":24},"WF-07c0b4c5-d76e-4bdc-87d1-3144a1466c77-supportcandy","supportcandy-sensitive-data-exposure","SupportCandy \u003C= 3.1.3 - Sensitive Data Exposure","The SupportCandy plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.1.3. Users seeking support have the option to upload supporting documents which are placed in \u002Fwp-content\u002Fuploads\u002Fwpsc\u002F. If directory listing is enabled, an attacker can obtain a listing of documents in this directory and access documents directly.","supportcandy",null,"\u003C=3.1.3","3.1.4","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2023-03-28 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F07c0b4c5-d76e-4bdc-87d1-3144a1466c77?source=api-prod",301,[],false,0,{"type":25,"vulnerable_version":9,"fixed_version":9,"vulnerable_browse":9,"vulnerable_zip":9,"fixed_browse":9,"fixed_zip":9,"all_tags":26},"plugin","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fsupportcandy\u002Ftags"]