What the vulnerability does
01Description
Unauthenticated Sensitive Information Disclosure vulnerability in WP Libre Form 2 plugin <= 2.0.8 at WordPress allows attackers to list and delete submissions. Affects only versions from 2.0.0 to 2.0.8.
CVE-2022-34867
HIGH
CVE-2022-34867: WordPress WP Libre Form 2 plugin <= 2.0.8 - Unauthenticated Sensitive Information Disclosure vulnerability
CVSS base score
7.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
September 6, 2022
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-8969 The SYSCOM Group OMFLOW - Exposure of Sensitive Data
CVE-2025-53694 Information Disclosure in ItemServices API
CVE-2025-58739 Microsoft Windows File Explorer Spoofing Vulnerability
CVE-2026-45594 Windows Application Identity (AppID) Information Disclosure Vulnerability
CVE-2025-4222 Database Toolset <= 1.8.4 - Unauthenticated Sensitive Information Exposure via Backup Files
