momo Security Vulnerability Database

Multi-module data retrieval platform


CVE-2025-13920: WP Directory Kit < 1.5.0 - Unauthenticated Email Exposure

CVE: CVE-2025-13920
CNVD: None
CNNVD: None
Vulnerability type: SQL injection
Severity: High
Year: 2026
POC_ID: None
Vulnerability description
WP Directory Kit plugin for WordPress <= 1.4.9 contains a sensitive information exposure caused by improper access control in wdk_public_action AJAX handler, letting unauthenticated attackers extract email addresses of users with Directory Kit-specific roles.

[Public]

id: CVE-2025-13920

info:
  name: WP Directory Kit < 1.5.0 - Unauthenticated Email Exposure
  author: 0x_Akoko
  severity: medium
  description: |
    WP Directory Kit plugin for WordPress <= 1.4.9 contains a sensitive information exposure caused by improper access control in wdk_public_action AJAX handler, letting unauthenticated attackers extract email addresses of users with Directory Kit-specific roles.
  impact: |
    Unauthenticated attackers can extract email addresses of users with specific roles, leading to privacy breaches.
  remediation: |
    Update to the latest version beyond 1.4.9.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/id/8905dcc7-d3c8-4ae8-818c-df3e6ed2ad9c
    - https://nvd.nist.gov/vuln/detail/CVE-2025-13920
    - https://wordpress.org/plugins/wpdirectorykit/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 6.2
    cve-id: CVE-2025-13920
    epss-score: 0.01137
    epss-percentile
FOFA query
None
Affected scope
WP Directory Kit
Vulnerability details
POC: Public
Remediation advice
None