Security Advisory

CVE-2025-12681

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-13 07:27:53

Last updated 2026-04-08 16:52:06

Assigner Wordfence

State PUBLISHED

Description

The Comment Edit Core – Simple Comment Editing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.0 via the ajax_get_comment function. This makes it possible for unauthenticated attackers to extract sensitive data including user IDs, IP addresses, and email addresses.

← Browse all CVEs View on cve.org ↗