What is GHSA-77v2-rrqg-jjqc?

GHSA-77v2-rrqg-jjqc is a security advisory published by GitHub Security Advisories with Medium severity. The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author...

Which CVE IDs does GHSA-77v2-rrqg-jjqc cover?

GHSA-77v2-rrqg-jjqc covers the following CVE IDs: CVE-2026-7385. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-77v2-rrqg-jjqc?

GHSA-77v2-rrqg-jjqc has a CVSS v3 base score of 5.8, published by GitHub Security Advisories.

GHSA-77v2-rrqg-jjqcMediumCVSS 5.8

The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author...

Vendor

GitHub Security Advisories

Published

May 20, 2026

Last Modified

May 20, 2026

🔗 CVE IDs covered (1)

CVE-2026-7385 →

📋 Description

The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attackers to enumerate registered user email addresses.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-7385
https://wpscan.com/vulnerability/1c5949d0-cf50-45d3-a7e2-2f94cdb42405
https://github.com/advisories/GHSA-77v2-rrqg-jjqc