CVE-2025-30802 – WordPress Our Team Members plugin <= 2.2 - Sensitive Data Exposure vulnerability

https://notcve.org/view.php?id=CVE-2025-30802

27 Mar 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPBean Our Team Members. This issue affects Our Team Members: from n/a through 2.2. The Our Team Members – Team Members WordPress Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpsf_export_options() function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to export ... • https://patchstack.com/database/wordpress/plugin/our-team-members/vulnerability/wordpress-our-team-members-plugin-2-2-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-862: Missing Authorization •