{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12681", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-11-04T00:25:24.942Z", "datePublished": "2025-11-13T07:27:53.227Z", "dateUpdated": "2026-04-08T16:52:06.099Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:52:06.099Z"}, "affected": [{"vendor": "ronalfy", "product": "Comment Edit Core \u2013 Simple Comment Editing", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Comment Edit Core \u2013 Simple Comment Editing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.0 via the 'ajax_get_comment' function. This makes it possible for unauthenticated attackers to extract sensitive data including user IDs, IP addresses, and email addresses."}], "title": "Comment Edit Core \u2013 Simple Comment Editing <= 3.1.0 - Unauthenticated Sensitive Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4f954b02-b636-438b-a4b1-9b74df153c47?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/simple-comment-editing/trunk/includes/Ajax.php#L230"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392054/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Powpy"}], "timeline": [{"time": "2025-11-07T20:28:27.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-11-12T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-14T16:48:30.539607Z", "id": "CVE-2025-12681", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-14T16:48:37.608Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12681", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-14T16:48:30.539607Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-14T16:48:34.446Z"}}], "cna": {"title": "Comment Edit Core \u2013 Simple Comment Editing <= 3.1.0 - Unauthenticated Sensitive Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Powpy"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "ronalfy", "product": "Comment Edit Core \u2013 Simple Comment Editing", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-07T20:28:27.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-11-12T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4f954b02-b636-438b-a4b1-9b74df153c47?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/simple-comment-editing/trunk/includes/Ajax.php#L230"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392054/"}], "descriptions": [{"lang": "en", "value": "The Comment Edit Core \u2013 Simple Comment Editing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.0 via the 'ajax_get_comment' function. This makes it possible for unauthenticated attackers to extract sensitive data including user IDs, IP addresses, and email addresses."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:52:06.099Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12681", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:52:06.099Z", "dateReserved": "2025-11-04T00:25:24.942Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-13T07:27:53.227Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Comment Edit Core \u2013 Simple Comment Editing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.0 via the 'ajax_get_comment' function. This makes it possible for unauthenticated attackers to extract sensitive data including user IDs, IP addresses, and email addresses."}], "id": "CVE-2025-12681", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-13T08:15:48.260", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/simple-comment-editing/trunk/includes/Ajax.php#L230"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3392054/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4f954b02-b636-438b-a4b1-9b74df153c47?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T00:33:04.357283+00:00", "value": {"mitigation_remediation": ["Upgrade the Comment Edit Core \u2013 Simple Comment Editing plugin to version 3.1.1 or later if available. If a newer version is not yet released, consider disabling or blocking unauthenticated access to the ajax_get_comment endpoint by configuring the web server or a firewall to require authentication for all Ajax requests. Apply a site\u2011wide access control rule that limits the use of the plugin\u2019s Ajax functionality to logged\u2011in administrators or users with explicit permissions.", "Restrict comment editing capabilities to administrators only by adjusting the plugin\u2019s role settings, ensuring regular users cannot trigger the ajax_get_comment function.", "Configure a web\u2011application firewall or security plugin to filter and block unauthenticated Ajax requests to the plugin\u2019s endpoint for any non\u2011admin user, adding an extra layer of protection if the patch is delayed."], "summary": {"action": "Immediate Patch", "impact": "Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "All installations of the WordPress plugin \u2018Comment Edit Core \u2013 Simple Comment Editing\u2019 running version 3.1.0 or earlier are impacted. The affected product is provided by the vendor ronalfy and is deployed via the WordPress plugin infrastructure. In practice, any WordPress site enabled with this plugin without an updated version will be exposed.", "description_and_impact": "The WordPress plugin \u2018Comment Edit Core \u2013 Simple Comment Editing\u2019 is affected by a CVE that allows unauthenticated attackers to retrieve sensitive user details through the ajax_get_comment function. The vulnerability directly exposes user identifiers, IP addresses, and email addresses, compromising confidentiality as defined by CWE\u2011200. Given the design of the plugin, an attacker gains no denial\u2011of\u2011service or code execution capability, but the disclosure of personal data can enable further targeted attacks such as phishing or credential harvesting.", "risk_and_exploitability": "The CVSS score of 5.3 indicates a medium severity vulnerability, and the EPSS score of <1% suggests a low likelihood of widespread exploitation at present. The vulnerability is not listed in the CISA KEV catalog, further supporting the assessment that exploitation is unlikely to be seen in the wild. Attackers can trigger the flaw by issuing a simple Ajax request to the ajax_get_comment endpoint with no authentication; learning the user ID or email does not require additional privileges, meaning the attack vector is unauthenticated and easily automatable."}}}}, "created": "2025-11-13T15:50:04.422989+00:00", "updated": "2026-04-22T00:45:04.149754+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}