CVE-2026-3546
Sensitive Information Exposure in e-shot WordPress Plugin via AJAX
Publication date: 2026-03-21
Last updated on: 2026-03-21
Assigner: Wordfence
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| esotalk | esotalk | up to 1.0.2 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-202 | When trying to keep information confidential, an attacker can often infer some of the information by using statistics. |
AI Powered Q&A
Can you explain this vulnerability to me?
The e-shot form builder plugin for WordPress has a vulnerability in all versions up to and including 1.0.2. Specifically, the function eshot_form_builder_get_account_data() is accessible to all authenticated users without proper capability checks or nonce verification. This function queries the database and returns the e-shot API token and all subaccount data as a JSON response. Because of this, any authenticated user with Subscriber-level access or higher can extract sensitive information such as the API token and subaccount details.
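As an added illustration (not the plugin's own code; every function, hook, option and nonce name below is hypothetical), the unchecked admin-ajax handler pattern the description refers to, beside a hardened version that checks the caller's capability and verifies a nonce before returning anything:

```php
<?php
// Added illustration, not the e-shot plugin's code. All names are hypothetical.

// "Before" shape matching the advisory: a handler reachable by any logged-in
// user via admin-ajax.php that returns privileged configuration as JSON
// without asking who the caller is or where the request came from.
function example_get_account_data_unsafe() {
    wp_send_json_success( array(
        'api_token'   => get_option( 'example_api_token' ),
        'subaccounts' => get_option( 'example_subaccounts', array() ),
    ) );
}

// Hardened handler: authorization first, then CSRF (nonce) check, and the
// secret itself never leaves the server.
function example_get_account_data_safe() {
    // Subscribers are authenticated but must not see plugin secrets; require
    // a capability that only site administrators hold.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions' ), 403 );
    }
    // A nonce proves the request originated from the plugin's own admin page.
    // It is not an authorization check, which is why it comes second.
    check_ajax_referer( 'example_account_data_nonce', 'nonce' );

    wp_send_json_success( array(
        'subaccounts'    => get_option( 'example_subaccounts', array() ),
        // Show only a hint of the token; the UI never needs the full value.
        'api_token_hint' => substr( (string) get_option( 'example_api_token' ), -4 ),
    ) );
}
// Registered only on wp_ajax_ (authenticated requests); no wp_ajax_nopriv_ hook.
add_action( 'wp_ajax_example_get_account_data', 'example_get_account_data_safe' );

// The nonce is issued to the admin page script so it can be sent back with
// the AJAX request as the "nonce" parameter.
function example_enqueue_admin_script() {
    wp_enqueue_script( 'example-admin', plugins_url( 'admin.js', __FILE__ ), array(), '1.0', true );
    wp_localize_script( 'example-admin', 'exampleAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'example_account_data_nonce' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'example_enqueue_admin_script' );
```

Both wp_send_json_error() and a failed check_ajax_referer() terminate the request, so nothing after them runs for an unauthorized caller.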
How can this vulnerability impact me?
This vulnerability allows attackers with even low-level authenticated access (Subscriber-level and above) to retrieve the e-shot API token and subaccount information. With this information, attackers could potentially access the victim's e-shot platform account, leading to unauthorized access to sensitive data or misuse of the e-shot services associated with the account.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know