GCVE - cpe:2.3:a:aa_web_servant:12_step_meeting

Approved changes feed: RSS · Atom

cpe:2.3:a:aa_web_servant:12_step_meeting_list:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Aa Web Servant (`7c7a1230-7db1-5257-8941-377c29932a8b`)
Product	12 Step Meeting List (`f75cec2c-99ca-565c-8969-a946794863fb`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-39570`	vulnerable	2026-06-03 15:22:12.713132	WordPress 12 Step Meeting List plugin <= 3.19.9 - Sensitive Data Exposure vulnerability MEDIUM (5.3) Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9. Published: 2026-04-08T08:30:20.143Z Updated: 2026-04-29T09:52:02.117Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-3-19-9-sensitive-data-exposure-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-39569`	vulnerable	2026-06-03 15:22:12.712687	WordPress 12 Step Meeting List plugin <= 3.19.9 - Broken Access Control vulnerability MEDIUM (6.5) Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9. Published: 2026-04-08T08:30:19.885Z Updated: 2026-04-29T09:52:02.105Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-3-19-9-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-54054`	vulnerable	2026-06-03 15:03:55.509021	WordPress 12 Step Meeting List Plugin <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Stored XSS.This issue affects 12 Step Meeting List: from n/a through <= 3.18.3. Published: 2025-08-14T18:21:48.649Z Updated: 2026-04-28T16:13:30.163Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-plugin-3-18-3-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-24583`	vulnerable	2026-06-03 14:59:56.365310	WordPress 12 Step Meeting List plugin <= 3.16.5 - Settings Change vulnerability MEDIUM (6.5) Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.16.5. Published: 2025-04-17T15:48:19.413Z Updated: 2026-04-28T16:11:29.044Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-3-16-5-settings-change-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-24582`	vulnerable	2026-06-03 14:59:56.364947	WordPress 12 Step Meeting List plugin <= 3.16.5 - Sensitive Data Exposure vulnerability MEDIUM (5.3) Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through <= 3.16.5. Published: 2025-01-24T17:24:16.844Z Updated: 2026-05-11T23:17:58.381Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-3-16-5-sensitive-data-exposure-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-24580`	vulnerable	2026-06-03 14:59:56.361193	WordPress 12 Step Meeting List plugin <= 3.16.5 - Arbitrary Content Deletion vulnerability MEDIUM (6.5) Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.16.5. Published: 2025-01-24T17:24:15.708Z Updated: 2026-05-12T23:49:22.675Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-3-16-5-arbitrary-content-deletion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-35693`	vulnerable	2026-06-03 14:56:02.778129	WordPress 12 Step Meeting List plugin <= 3.14.33 - Cross Site Scripting (XSS) vulnerability HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list.This issue affects 12 Step Meeting List: from n/a through <= 3.14.33. Published: 2024-06-08T14:28:53.278Z Updated: 2026-05-11T21:02:35.737Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/12-step-meeting-list/vulnerability/wordpress-12-step-meeting-list-plugin-3-14-33-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

12 Step Meeting List

PURL mappings

Vulnerability references

Contribute