CVE-2026-1720 | WowOptin Plugin up to 1.4.24 on WordPress Plugin Installation install_and_active_plugin authorization

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability described as critical has been identified in WowOptin Plugin up to 1.4.24 on WordPress. This affects the function install_and_active_plugin of the component Plugin Installation Handler. Such manipulation leads to missing authorization.

This vulnerability is listed as CVE-2026-1720. The attack may be performed from remote. There is no available exploit.

CVE-2026-1720 | WowOptin Plugin up to 1.4.24 on WordPress Plugin Installation install_and_active_plugin authorization

Post correlati

CVE-2024-8835 | PDF-XChange Editor JB2 File Parser out-of-bounds (ZDI-24-1258)

CVE-2025-55627 | Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime 3.0.0.4662_2503122283 improper authorization

CVE-2024-36124 | dain snappy up to 0.4 Decompression sun.misc.Unsafe out-of-bounds (GHSA-8wh2-6qhj-h7j9)

CVE-2024-32661 | FreeRDP up to 3.5.0 null pointer dereference (GHSA-p5m5-342g-pv9m)