WordPress Plugin Vulnerabilities

WP Directory Kit < 1.5.0 - Unauthenticated Email Exposure via wdk_public_action

Description

The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdk_public_action AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user roles.

Affects Plugins

Plugin icon
wpdirectorykit
Fixed in 1.5.0

References

CVE
CVE-2025-13920
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/8905dcc7-d3c8-4ae8-818c-df3e6ed2ad9c

Classification

Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
A3: Sensitive Data Exposure
CWE
CWE-200
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
Sarawut Poolkhet (MisterHelloz)
Verified
No
WPVDB ID
1df9a5c2-67c0-4eb7-be5e-323769cea1b4

Timeline

Publicly Published
2026-01-23 (about 3 months ago)
Added
2026-01-24 (about 3 months ago)
Last Updated
2026-01-24 (about 3 months ago)

Other

Published
Title
Published
2023-05-02
Title
AnyWhere Elementor < 1.2.8 - Freemius API Key Disclosure
Published
2026-01-23
Title
Advanced WooCommerce Product Sales Reporting < 4.1.3 - Unauthenticated Information Exposure
Published
2025-11-24
Title
Locker Content < 1.0.1 - Unauthenticated Information Exposure
Published
2025-08-14
Title
B Slider - Gutenberg Slider Block for WP < 2.0.1 - Authenticated (Subscriber+) Sensitive Information Exposure
Published
2025-01-06
Title
Passster – Password Protect Pages and Content < 4.2.11 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure