CVE-2025-30609

{"id": "CVE-2025-30609", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-03-24T14:15:33.533", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/appexperts/vulnerability/wordpress-appexperts-wordpress-to-mobile-app-woocommerce-to-ios-and-android-apps-1-4-3-sensitive-data-exposure-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-201"}]}], "descriptions": [{"lang": "en", "value": "Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through <= 1.4.3."}, {"lang": "es", "value": "Vulnerabilidad de inserci\u00f3n de informaci\u00f3n confidencial en los datos enviados en AppExperts AppExperts \u2013 WordPress to Mobile App \u2013 WooCommerce to iOs and Android Apps que permite recuperar datos confidenciales incrustados. Este problema afecta a AppExperts (de WordPress a aplicaciones m\u00f3viles y de WooCommerce a iOS y Android): desde n/d hasta la versi\u00f3n 1.4.3."}], "lastModified": "2026-04-23T15:26:57.930", "sourceIdentifier": "audit@patchstack.com"}