CVE-2026-3596

The CVE-2026-3596 entry documents a privilege escalation in the WordPress plugin Riaxe Product Customizer up to version 2.1.2 . An unauthenticated AJAX action (wp_ajax_nopriv_install-imprint ) maps to the function ink_pd_add_option() , which reads option and opt_value from POST data and performs ...

EUVD-2026-11083

The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options such as userscanregister...

WordPress plugin Toret Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2024-10589

The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the importsettings function in all versions up to, and including, 3.1.1. This makes it possible for authenticate...