CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

CVE-2026-8614

The CVE concerns the WordPress Assistio plugin (versions ≤ 1.1.2). A missing capability check and missing nonce verification in assistio_plugin_delete_assistio_settings() allows authenticated users with Subscriber-level access and above to modify data, including deleting the critical assistiobot_...

4.3CVSS5.9AI score

Exploits0References3

EUVD•added 7 hours ago•3 views

EUVD-2026-38668

The Assistio plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the assistioplugindeleteassistiosettings function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers,...

4.3CVSS5.9AI score

Exploits0References3

Cvelist•added 7 hours ago•6 views

CVE-2026-8614 Assistio <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion via assistio_plugin_delete_assistio_settings AJAX Action

4.3CVSS

Exploits0References3

Patchstack•added yesterday•5 views

WordPress Assistio plugin <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Plugin Settings Deletion vulnerability discovered by Legion Hunter in WordPress Plugin Assistio versions = 1.1.2...

4.3CVSS5.8AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by