{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25344", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-02T12:52:42.957Z", "datePublished": "2026-03-25T16:14:42.559Z", "dateUpdated": "2026-04-29T09:51:56.733Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "review-schema", "product": "Review Schema", "vendor": "RadiusTheme", "versions": [{"changes": [{"at": "2.2.7", "status": "unaffected"}], "lessThanOrEqual": "2.2.6", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Doan Dinh Van | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:18:24.291Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.<p>This issue affects Review Schema: from n/a through <= 2.2.6.</p>"}], "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through <= 2.2.6."}], "impacts": [{"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "Retrieve Embedded Sensitive Data"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-497", "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-29T09:51:56.733Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/review-schema/vulnerability/wordpress-review-schema-plugin-2-2-6-sensitive-data-exposure-vulnerability?_s_id=cve"}], "title": "WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T17:08:55.299373Z", "id": "CVE-2026-25344", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:08:59.868Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25344", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T17:08:55.299373Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:08:48.476Z"}}], "cna": {"title": "WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Doan Dinh Van | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "Retrieve Embedded Sensitive Data"}]}], "affected": [{"vendor": "RadiusTheme", "product": "Review Schema", "versions": [{"status": "affected", "changes": [{"at": "2.2.7", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "2.2.6"}], "packageName": "review-schema", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:18:24.291Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/review-schema/vulnerability/wordpress-review-schema-plugin-2-2-6-sensitive-data-exposure-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through <= 2.2.6.", "supportingMedia": [{"type": "text/html", "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.<p>This issue affects Review Schema: from n/a through <= 2.2.6.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-497", "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:14:08.534Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25344", "state": "PUBLISHED", "dateUpdated": "2026-04-23T14:14:08.534Z", "dateReserved": "2026-02-02T12:52:42.957Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:42.559Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through <= 2.2.6."}, {"lang": "es", "value": "Exposici\u00f3n de Informaci\u00f3n Sensible del Sistema a una Esfera de Control No Autorizada vulnerabilidad en RadiusTheme Review Schema review-schema permite Recuperar Datos Sensibles Incrustados. Este problema afecta a Review Schema: desde n/a hasta &lt;= 2.2.6."}], "id": "CVE-2026-25344", "lastModified": "2026-04-24T16:32:53.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:45.070", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/review-schema/vulnerability/wordpress-review-schema-plugin-2-2-6-sensitive-data-exposure-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-497"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.2.6]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "2.2.7"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Review Schema", "source": "cna", "vendor": "RadiusTheme"}, "product": "review_schema", "vendor": "radiustheme"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-26T19:38:36.846863+00:00", "value": {"mitigation_remediation": ["Update Review Schema to the latest version (2.2.7 or later if available).", "If an update is not available, disable or uninstall the plugin to eliminate the vulnerability.", "Verify that no publicly exposed endpoints in the plugin expose sensitive data.", "Monitor the WordPress site for any unauthorized data disclosures."], "summary": {"action": "Apply Patch", "impact": "Sensitive Data Exposure"}, "threat_synthesis": {"affected_systems": "The affected product is the RadiusTheme Review Schema plugin for WordPress. All releases from any earlier version up through 2.2.6 are impacted; no later releases are listed in the advisory.", "description_and_impact": "The vulnerability in WordPress Review Schema allows an attacker in an unauthorized control sphere to retrieve embedded sensitive data from the plugin. This exposure leaks confidential system information that should be protected. The weakness is classified as CWE\u2011497, indicating improper handling or disclosure of sensitive data.", "risk_and_exploitability": "The CVSS score of 6.5 indicates moderate severity. The EPSS score is below 1%, implying a low probability of exploitation at this time, and the issue is not listed in CISA\u2019s KEV catalog. The likely attack vector is through the plugin\u2019s interface, presumably requiring authenticated access to the WordPress admin area, though it could also be triggered by users who can load publicly exposed plugin endpoints. Successful exploitation would enable an attacker to read sensitive system data and could facilitate further malicious activity."}}}}, "created": "2026-03-25T21:45:07.159185+00:00", "updated": "2026-03-27T09:45:59.558006+00:00", "vendors": ["radiustheme", "radiustheme$PRODUCT$review_schema", "wordpress", "wordpress$PRODUCT$wordpress"]}