CVE-2025-31550

Medium

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS wp-less allows Retrieve…

Patchstack·CWE-538·Published 2025-04-01

CVSS

5.8

EPSS

0.00

KEV

Exploits

cve.orgen

213 chars

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS wp-less allows Retrieve Embedded Sensitive Data.This issue affects WP-LESS: from n/a through <= 1.9.6.

NVDen

213 chars

NVDes

243 chars

La vulnerabilidad de inserción de información confidencial en archivos o directorios accesibles externamente en thom4 WP-LESS permite recuperar datos confidenciales incrustados. Este problema afecta a WP-LESS desde la versión 1.9.3 hasta la 3.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
3.1	Secondary	NVD	5.8	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N