Primary

Context

Majestic Support WordPress Plugin Sensitive Information Exposure Vulnerability

Vulnerability

Patched

A vulnerability allowing sensitive information exposure exists in the Majestic Support WordPress plugin, specifically in versions through 1.0.5. The issue arises from an unprotected directory, 'majesticsupportdata', within the 'wp-content/uploads' folder. This vulnerability enables unauthenticated attackers to access and extract sensitive data, including file attachments from support tickets, stored insecurely in the designated directory.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, such as private file attachments included in support tickets.

Remediation

Users can update to version 1.0.6 or a newer patched version to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

8.2

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

8.2

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Majestic Support WordPress Plugin Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Majestic Support

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating