Wp Discourse
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11983 | Med | 0.28 | 4.3 | 0.00 | Nov 1, 2025 | The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5.9. This is due to the plugin unconditionally sending Discourse API credentials (Api-Key and Api-Username headers) to any host specified in a post's… | ||
| CVE-2024-35168 | Med | 0.21 | 4.3 | 0.00 | Jun 11, 2024 | Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through 2.5.1. |
- risk 0.28cvss 4.3epss 0.00
The WP Discourse plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5.9. This is due to the plugin unconditionally sending Discourse API credentials (Api-Key and Api-Username headers) to any host specified in a post's…
- risk 0.21cvss 4.3epss 0.00
Missing Authorization vulnerability in Discourse WP Discourse.This issue affects WP Discourse: from n/a through 2.5.1.