{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3058", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-02-23T18:06:28.405Z", "datePublished": "2026-03-04T11:22:31.410Z", "dateUpdated": "2026-04-08T17:19:26.805Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:19:26.805Z"}, "affected": [{"vendor": "seraphinitesoft", "product": "Seraphinite Accelerator", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.28.14", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.28.14 via the `seraph_accel_api` AJAX action with `fn=GetData`. This is due to the `OnAdminApi_GetData()` function not performing any capability checks. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive operational data including cache status, scheduled task information, and external database state."}], "title": "Seraphinite Accelerator <= 2.28.14 - Authenticated (Subscriber+) Exposure of Sensitive Information to an Unauthorized Actor", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf539c01-596a-44dd-9587-6be6978ab0fa?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/seraphinite-accelerator/trunk/main.php#L2288"}, {"url": "https://plugins.trac.wordpress.org/browser/seraphinite-accelerator/trunk/Cmn/Plugin.php#L598"}, {"url": "https://plugins.trac.wordpress.org/changeset/3468084/seraphinite-accelerator/trunk/main.php?contextall=1"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lukasz Sobanski"}], "timeline": [{"time": "2026-02-23T21:12:57.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-03-03T22:00:52.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-04T14:58:48.858817Z", "id": "CVE-2026-3058", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-04T14:58:57.382Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3058", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-04T14:58:48.858817Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-04T14:58:53.317Z"}}], "cna": {"title": "Seraphinite Accelerator <= 2.28.14 - Authenticated (Subscriber+) Exposure of Sensitive Information to an Unauthorized Actor", "credits": [{"lang": "en", "type": "finder", "value": "Lukasz Sobanski"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "seraphinitesoft", "product": "Seraphinite Accelerator", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.28.14"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-23T21:12:57.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-03-03T22:00:52.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf539c01-596a-44dd-9587-6be6978ab0fa?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/seraphinite-accelerator/trunk/main.php#L2288"}, {"url": "https://plugins.trac.wordpress.org/browser/seraphinite-accelerator/trunk/Cmn/Plugin.php#L598"}, {"url": "https://plugins.trac.wordpress.org/changeset/3468084/seraphinite-accelerator/trunk/main.php?contextall=1"}], "descriptions": [{"lang": "en", "value": "The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.28.14 via the `seraph_accel_api` AJAX action with `fn=GetData`. This is due to the `OnAdminApi_GetData()` function not performing any capability checks. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive operational data including cache status, scheduled task information, and external database state."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:19:26.805Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3058", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:19:26.805Z", "dateReserved": "2026-02-23T18:06:28.405Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-03-04T11:22:31.410Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:s-sols:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "E8A72897-8765-41A4-BC20-37AB45E48A55", "versionEndExcluding": "2.28.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.28.14 via the `seraph_accel_api` AJAX action with `fn=GetData`. This is due to the `OnAdminApi_GetData()` function not performing any capability checks. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive operational data including cache status, scheduled task information, and external database state."}, {"lang": "es", "value": "El plugin Seraphinite Accelerator para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n sensible en todas las versiones hasta la 2.28.14, inclusive, a trav\u00e9s de la acci\u00f3n AJAX 'seraph_accel_api' con 'fn=GetData'. Esto se debe a que la funci\u00f3n 'OnAdminApi_GetData()' no realiza ninguna comprobaci\u00f3n de capacidad. Esto permite a atacantes autenticados, con acceso de nivel Suscriptor y superior, recuperar datos operativos sensibles, incluyendo el estado de la cach\u00e9, informaci\u00f3n de tareas programadas y el estado de la base de datos externa."}], "id": "CVE-2026-3058", "lastModified": "2026-03-31T18:37:28.273", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-04T12:16:03.373", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/seraphinite-accelerator/trunk/Cmn/Plugin.php#L598"}, {"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/seraphinite-accelerator/trunk/main.php#L2288"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3468084/seraphinite-accelerator/trunk/main.php?contextall=1"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf539c01-596a-44dd-9587-6be6978ab0fa?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.28.14]"}}], "enrichment": {"confidence": 92.0, "confidence_source": "matching", "scores": [{"score": 92.0, "source": "matching"}]}, "original": {"product": "Seraphinite Accelerator", "source": "cna", "vendor": "seraphinitesoft"}, "product": "seraphinite_accelerator", "vendor": "seraphinitesolutions"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-15T16:49:49.327262+00:00", "value": {"mitigation_remediation": ["Upgrade Seraphinite Accelerator to version\u00a02.28.15 or newer", "If upgrading is delayed, disable or restrict the seraph_accel_api AJAX endpoint so that only trusted users can access it", "Ensure that only the necessary users have Subscriber or higher roles; remove or downgrade unnecessary accounts"], "summary": {"action": "Immediate Patch", "impact": "Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "The plugin sent by Seraphinite Soft, Seraphinite Accelerator, is affected. Versions up to and including 2.28.14 on WordPress installations are vulnerable. Administrators should check the plugin version and update to a later release.", "description_and_impact": "The Seraphinite Accelerator plugin for WordPress allows the seraph_accel_api AJAX action to return sensitive operational data. Because the OnAdminApi_GetData() function does not verify user capabilities, any authenticated user with the Subscriber role or higher may call the fn=GetData endpoint. Exposure includes cache status, scheduled task information, and external database state, potentially revealing valuable operational details. The weakness is a lack of access control and is reflected in CWE\u2011200.", "risk_and_exploitability": "The CVSS base score is 4.3, placing the vulnerability in the medium range. Exploit probability, as measured by EPSS, is reported as less than 1\u202fpercent, and the issue is not listed in the CISA KEV catalog. Nonetheless, any user with Subscriber level credentials on a WordPress site can use the exposed AJAX endpoint to read operational data, giving an attacker insight into the system\u2019s internals. Because the attack requires only authentication to the site, the attack vector is a legitimate user account, making the risk moderate but significant for environments where exposure of such data would be sensitive."}}}}, "created": "2026-03-04T21:03:39.107312+00:00", "updated": "2026-04-15T17:00:07.066820+00:00", "vendors": ["seraphinitesolutions", "seraphinitesolutions$PRODUCT$seraphinite_accelerator", "wordpress", "wordpress$PRODUCT$wordpress"]}