Volerion logoVolerion
Volerion logoVolerion

WP Recipe Maker WordPress Plugin Information Exposure Vulnerability

Vulnerability

A vulnerability allowing information exposure has been identified in the WP Recipe Maker plugin for WordPress, affecting versions through 10.2.2. The issue arises from the api_get_post_summary function, which lacks proper restrictions on post retrieval. This flaw enables authenticated attackers with Contributor-level access and above to access data from posts they would not normally be able to edit or read. The vulnerability also extends to password-protected, private, or draft posts that should be inaccessible to these users.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive post information, including data from private, password-protected, or draft posts that the user should not be able to access.

Remediation

Users can update to WP Recipe Maker version 10.2.3 or a newer patched version to address this vulnerability.

Added: Jan 16, 2026, 5:19 AM
Updated: Jan 16, 2026, 5:19 AM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
0.6
exploitability
5.5
remediation
0.0
relevance
2.1
threat
3.2
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.