CVE-2026-4124 | oliverfriedmann Ziggeo Plugin up to 3.1.1 on WordPress Setting current_user_can authorization

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability was found in oliverfriedmann Ziggeo Plugin up to 3.1.1 on WordPress. It has been declared as critical. This vulnerability affects the function current_user_can of the component Setting Handler. The manipulation results in missing authorization.

This vulnerability is reported as CVE-2026-4124. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-4124 | oliverfriedmann Ziggeo Plugin up to 3.1.1 on WordPress Setting current_user_can authorization

Post correlati

CVE-2024-46742 | Linux Kernel up to 6.6.50/6.10.9 SMB Server smb2_open null pointer dereference (07f384c5be1f/3b692794b81f/4e8771a3666c)

CVE-2025-59033 | Microsoft Windows up to Server 2025 WDAC Policy incomplete blacklist

CVE-2024-24307 | Product Designer Module prior 1.178.36 on PrestaShop ajaxProcessCropImage path traversal

CVE-2025-47959 | Microsoft Visual Studio 2022 command injection