{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2720", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-02-18T21:16:02.973Z", "datePublished": "2026-03-21T03:27:06.398Z", "dateUpdated": "2026-04-08T17:25:23.499Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:25:23.499Z"}, "affected": [{"vendor": "codeclove", "product": "Hr Press Lite", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Hr Press Lite plugin for WordPress is vulnerable to unauthorized access of sensitive employee data due to a missing capability check on the `hrp-fetch-employees` AJAX action in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive employee information including names, email addresses, phone numbers, salary/pay rates, employment dates, and employment status."}], "title": "Hr Press Lite <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Employee Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2a63b8e-e16e-4702-be1b-acc5c3e74b22?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/trunk/includes/HRP_Action.php#L1444"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/tags/1.0.2/includes/HRP_Action.php#L1444"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/trunk/admin/admin.php#L36"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/tags/1.0.2/admin/admin.php#L36"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Itthidej Aramsri"}, {"lang": "en", "type": "finder", "value": "Waris Damkham"}], "timeline": [{"time": "2026-03-20T15:15:10.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T16:58:51.351573Z", "id": "CVE-2026-2720", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T17:00:29.803Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2720", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T16:58:51.351573Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T17:00:23.838Z"}}], "cna": {"title": "Hr Press Lite <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Employee Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Itthidej Aramsri"}, {"lang": "en", "type": "finder", "value": "Waris Damkham"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "codeclove", "product": "Hr Press Lite", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-03-20T15:15:10.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2a63b8e-e16e-4702-be1b-acc5c3e74b22?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/trunk/includes/HRP_Action.php#L1444"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/tags/1.0.2/includes/HRP_Action.php#L1444"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/trunk/admin/admin.php#L36"}, {"url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/tags/1.0.2/admin/admin.php#L36"}], "descriptions": [{"lang": "en", "value": "The Hr Press Lite plugin for WordPress is vulnerable to unauthorized access of sensitive employee data due to a missing capability check on the `hrp-fetch-employees` AJAX action in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive employee information including names, email addresses, phone numbers, salary/pay rates, employment dates, and employment status."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:25:23.499Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2720", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:25:23.499Z", "dateReserved": "2026-02-18T21:16:02.973Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-03-21T03:27:06.398Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Hr Press Lite plugin for WordPress is vulnerable to unauthorized access of sensitive employee data due to a missing capability check on the `hrp-fetch-employees` AJAX action in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive employee information including names, email addresses, phone numbers, salary/pay rates, employment dates, and employment status."}, {"lang": "es", "value": "El plugin Hr Press Lite para WordPress es vulnerable a acceso no autorizado de datos sensibles de empleados debido a una comprobaci\u00f3n de capacidad faltante en la acci\u00f3n AJAX 'hrp-fetch-employees' en todas las versiones hasta la 1.0.2, inclusive. Esto hace posible que atacantes autenticados, con acceso de nivel Suscriptor y superior, recuperen informaci\u00f3n sensible de empleados incluyendo nombres, direcciones de correo electr\u00f3nico, n\u00fameros de tel\u00e9fono, salarios/tasas de pago, fechas de empleo y estado de empleo."}], "id": "CVE-2026-2720", "lastModified": "2026-04-24T16:27:44.277", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-03-21T04:17:11.840", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/tags/1.0.2/admin/admin.php#L36"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/tags/1.0.2/includes/HRP_Action.php#L1444"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/trunk/admin/admin.php#L36"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/hr-press-lite/trunk/includes/HRP_Action.php#L1444"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2a63b8e-e16e-4702-be1b-acc5c3e74b22?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0.2]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Hr Press Lite", "source": "cna", "vendor": "codeclove"}, "product": "hr_press_lite", "vendor": "codeclove"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-21T06:37:20.120630+00:00", "value": {"mitigation_remediation": ["Update the Hr Press Lite plugin to the latest version that contains the missing authorization check, or uninstall the plugin if no update is available.", "If an update cannot be applied immediately, restrict Subscriber role permissions to prevent access to AJAX actions or remove the hrp-fetch-employees endpoint via a custom rule or security plugin.", "Review user roles: ensure that only trusted staff have Subscriber or higher roles and consider reducing roles where possible.", "Follow WordPress security best practices such as using strong passwords, limiting login attempts, and monitoring for suspicious activity."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized access to sensitive employee data"}, "threat_synthesis": {"affected_systems": "The affected product is the Hr Press Lite WordPress plugin, codeclove:Hr Press Lite. All releases up to and including version 1.0.2 contain the flaw. WordPress sites that have installed any of these versions are vulnerable, regardless of the WordPress core version or other plugins. Administrators should verify the plugin version and update to the latest release once available.", "description_and_impact": "The Hr Press Lite plugin for WordPress contains a missing capability check on the hrp-fetch-employees AJAX action. As a result, any authenticated user with Subscriber-level access or higher can trigger the action and retrieve sensitive employee data, including names, email addresses, phone numbers, salary or pay rate, employment dates, and employment status. This flaw leads to unauthorized disclosure of personally identifiable and financial information, violating confidentiality and potentially enabling further exploitation. The vulnerability is classified as CWE-862, a missing authorization flaw.", "risk_and_exploitability": "The CVSS score is 6.5, indicating a medium severity. EPSS is not available and the vulnerability is not listed in the CISA KEV catalog. Because the flaw permits data exposure through an authenticated AJAX endpoint, any user with login credentials at the Subscriber tier can exploit it without additional prerequisites. Attackers can cheaply obtain sensitive employee information over the network by simply sending a request to the exposed AJAX handler. The overall risk is moderate, but the impact on privacy and compliance makes timely remediation critical."}}}}, "created": "2026-03-23T09:49:56.822017+00:00", "updated": "2026-03-25T14:41:36.538327+00:00", "vendors": ["codeclove", "codeclove$PRODUCT$hr_press_lite", "wordpress", "wordpress$PRODUCT$wordpress"]}