EUVD-2026-24662

The Create DB Tables plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 1.2.1. The plugin registers adminpost action hooks for creating tables adminpostaddtable and deleting tables adminpostdeletedbtable without implementing any capability checks via...

Security & Malware scan by CleanTalk < 2.51 - Security Nonce Leak leading to Unauthorised AJAX call

Security nonce leak, allowing any authenticated users such as subscribers to make unauthorised AJAX call which could lead to arbitrary file deletion/download and function call. Note WPScanTeam: We do not consider the issue fully remediated, as the AJAX calls rely on CSRF check for authorisation,...

WordPress <=4.2.2 由竞争条件导致的权限提升

WordPress采用了一种功能丰富、易于扩展的角色和能力模型，其中每个用户都被指定一种角色，从权限最低的订阅者到有无限权力的超级管理员。我们知道，即使订阅者也是有权访问WordPress管理员控制面板的，该面板位于/admin目录。相对于管理员而言，订阅者可以使用的面板选项极为有限，因为会受到相应权限的限制。在默认情况下，订阅者只有“readpage”和“readpost”权限，可以读取文章和网页。...