{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1233", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-01-20T15:39:38.386Z", "datePublished": "2026-04-04T11:16:16.425Z", "dateUpdated": "2026-04-06T15:44:58.415Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-04T11:16:16.425Z"}, "affected": [{"vendor": "mvirik", "product": "Text to Speech \u2013 TTSWP", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.9.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the `Mementor_TTS_Remote_Telemetry` class. This makes it possible for unauthenticated attackers to extract and decode these credentials, gaining unauthorized write access to the vendor's telemetry database."}], "title": "Text to Speech (TTS) by Mementor <= 1.9.8 - Use of Hardcoded Password to Unauthenticated Remote Database Access", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8dc0b5e-87b9-4831-a92a-bbf6eb1346e2?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3453258/text-to-speech-tts"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-798 Use of Hard-coded Credentials", "cweId": "CWE-798", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Kazuma Matsumoto"}], "timeline": [{"time": "2026-01-08T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2026-02-03T19:26:31.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-04-03T22:10:19.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T15:44:47.813176Z", "id": "CVE-2026-1233", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:44:58.415Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1233", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T15:44:47.813176Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:44:53.145Z"}}], "cna": {"title": "Text to Speech (TTS) by Mementor <= 1.9.8 - Use of Hardcoded Password to Unauthenticated Remote Database Access", "credits": [{"lang": "en", "type": "finder", "value": "Kazuma Matsumoto"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "mvirik", "product": "Text to Speech \u2013 TTSWP", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.9.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-01-08T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2026-02-03T19:26:31.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-04-03T22:10:19.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8dc0b5e-87b9-4831-a92a-bbf6eb1346e2?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3453258/text-to-speech-tts"}], "descriptions": [{"lang": "en", "value": "The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the `Mementor_TTS_Remote_Telemetry` class. This makes it possible for unauthenticated attackers to extract and decode these credentials, gaining unauthorized write access to the vendor's telemetry database."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-04T11:16:16.425Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1233", "state": "PUBLISHED", "dateUpdated": "2026-04-06T15:44:58.415Z", "dateReserved": "2026-01-20T15:39:38.386Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-04-04T11:16:16.425Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the `Mementor_TTS_Remote_Telemetry` class. This makes it possible for unauthenticated attackers to extract and decode these credentials, gaining unauthorized write access to the vendor's telemetry database."}], "id": "CVE-2026-1233", "lastModified": "2026-04-04T12:16:02.943", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2026-04-04T12:16:02.943", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3453258/text-to-speech-tts"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8dc0b5e-87b9-4831-a92a-bbf6eb1346e2?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.9.8]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Text to Speech \u2013 TTSWP", "source": "cna", "vendor": "mvirik"}, "product": "text_to_speech_\u2013_ttswp", "vendor": "mvirik"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-04T13:21:35.834818+00:00", "value": {"mitigation_remediation": ["Update Text to Speech \u2013 TTSWP plugin to the latest version", "If update unavailable, disable the plugin to prevent unauthorized access"], "summary": {"action": "Patch Now", "impact": "Unauthorized write access to the vendor\u2019s telemetry database"}, "threat_synthesis": {"affected_systems": "All WordPress sites running the Text to Speech \u2013 TTSWP plugin from Mervik with version 1.9.8 or earlier are affected. The flaw resides in the Mementor_TTS_Remote_Telemetry class and does not depend on any particular WordPress configuration beyond the plugin installation.", "description_and_impact": "The Text to Speech for WP plugin contains hard\u2011coded MySQL credentials that allow an attacker to extract them and gain write access to the vendor\u2019s telemetry database. The vulnerability is a clear instance of hard\u2011coded credential misuse (CWE\u2011798) and enables unauthorized database manipulation without authentication.", "risk_and_exploitability": "With a CVSS score of 7.5 the issue is considered high severity. No EPSS value is reported and the vulnerability is not listed in the CISA KEV catalog, suggesting limited documented exploitation. The attack vector is inferred to be remote and unauthenticated; anyone who can read the plugin code can retrieve the hard\u2011coded credentials and use them to write to the telemetry database. The damage potential is confined to the vendor\u2019s telemetry system but could provide an attacker with a foothold for further activity through that database."}}}}, "created": "2026-04-06T20:27:28.870901+00:00", "updated": "2026-04-06T22:20:47.574543+00:00", "vendors": ["mvirik", "mvirik$PRODUCT$text_to_speech_\u2013_ttswp", "wordpress", "wordpress$PRODUCT$wordpress"]}