Exposure of Sensitive Data in Mail Mint by WPFunnels Team
CVE-2026-27349

4.3MEDIUM

Key Information:

Vendor: WordPress
Status: Mail Mint
Vendor: CVE Published:; 21 May 2026

What is CVE-2026-27349?

The Mail Mint product developed by WPFunnels Team is susceptible to a vulnerability that permits the retrieval of embedded sensitive data by unauthorized entities. This flaw allows attackers to access sensitive system information, which could lead to further exploitation or data breaches. Users of Mail Mint from versions n/a through 1.19.5 are urged to take immediate action to mitigate this risk.

Affected Version(s)

Mail Mint <= 1.19.5

References

https://patchstack.com/database/wordpress/plugin/mail-min...

vdb-entry

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2026
Vulnerability Reserved
Feb 19, 2026

Credit

Que Thanh Tuan | Patchstack Bug Bounty Program

CVE-2026-27349 Data

JSON