CVE-2026-22216

wpDiscuz 7.6.46 and earlier is affected by a missing rate-limiting vulnerability in the wpdAddSubscription handler (class.WpdiscuzHelperAjax.php). Unauthenticated attackers can submit POST requests to subscribe arbitrary email addresses to post notifications, abusing LIKE wildcard matching in the...