{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T10:16:54.823","vulnerabilities":[{"cve":{"id":"CVE-2024-12637","sourceIdentifier":"security@wordfence.com","published":"2025-01-17T07:15:26.773","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated attackers to extract sensitive user data, for instance, email addresses, hashed passwords, and IP addresses."},{"lang":"es","value":"El complemento Moving Users para WordPress es vulnerable a la exposición de información confidencial en todas las versiones hasta la 1.05 incluida a través de la función de exportación. Los archivos JSON se almacenan en ubicaciones predecibles con nombres de archivo que se pueden adivinar al exportar datos de usuario. Esto podría permitir que atacantes no autenticados extraigan datos confidenciales de los usuarios, por ejemplo, direcciones de correo electrónico, contraseñas cifradas y direcciones IP."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3223894%40moving-users&new=3223894%40moving-users&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://wordpress.org/plugins/moving-users/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8209761c-2cfe-49b9-ab4c-49a9a13b5dcf?source=cve","source":"security@wordfence.com"}]}}]}