{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T19:08:33.110","vulnerabilities":[{"cve":{"id":"CVE-2024-13525","sourceIdentifier":"security@wordfence.com","published":"2025-02-15T09:15:08.833","lastModified":"2025-02-24T17:10:47.023","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4 via Shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including emails as well as hashed passwords of any user."},{"lang":"es","value":"El complemento Customer Email Verification for WooCommerce para WordPress es vulnerable a la exposición de información confidencial en todas las versiones hasta la 2.9.4 incluida a través de un código corto. Esto permite que atacantes autenticados, con acceso de nivel de colaborador o superior, extraigan datos confidenciales, incluidos correos electrónicos y contraseñas cifradas de cualquier usuario."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wpfactory:customer_email_verification_for_woocommerce:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"2.9.5","matchCriteriaId":"CE375DC5-2869-4F4E-B9E9-DB8C4894FF69"}]}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/emails-verification-for-woocommerce/tags/2.9.2/includes/class-alg-wc-ev-core.php#L990","source":"security@wordfence.com","tags":["Product"]},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3232261%40emails-verification-for-woocommerce%2Ftrunk&old=3230854%40emails-verification-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=","source":"security@wordfence.com","tags":["Patch"]},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a63a41d1-b9b0-43a9-a6e0-761f3b8d9d4a?source=cve","source":"security@wordfence.com","tags":["Third Party Advisory"]}]}}]}