3 matches found
CVE-2026-13492
creationtimestamp| type| source ---|---|--- 2026-07-09 20:21:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqahj5jc7c2x 2026-07-10 00:00:29+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mqatqugq6z23...
CVE-2026-13492
The UsersWP plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 1.2.65. This is due to insufficient validation of file-field values in the UsersWPValidation::validatefields function which falls through to sanitizetextfield for fields of type 'file',...
CVE-2026-13492
The CVE-2026-13492 entry concerns the WordPress UsersWP plugin (affected versions up to and including 1.2.65). The vulnerability arises from insufficient validation of file-field values in UsersWP_Validation::validate_fields(), which falls through to sanitize_text_field() for fields of type 'file...