CVE-2026-7385
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
May 20, 2026
Vendor
unknown
Description
The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attackers to enumerate registered user email addresses.