CVE-2025-11891

Medium CVSS: 5.3

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.0 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.

Vendor

Product

CWE

CWE-538

Yayın Tarihi

2025-11-11 04:15:44

Güncelleme

2025-11-12 16:19:34

Source Identifier

security@wordfence.com

KEV Date Added

Kategoriler

CWE-538 MEDIUM 2025

Referanslar

https://wordpress.org/plugins/shelf-planner/ https://www.wordfence.com/threat-intel/vulnerabilities/id/17f17cae-f444-4fa1-9090-ec6ea267ef2e?source=cve