CVE-2026-0845 | WCFM Plugin up to 6.7.24 on WordPress Setting processing privilege escalation

Inserito da Angelo Barbosa | Feb 9, 2026 | CVE

A vulnerability has been found in WCFM Plugin up to 6.7.24 on WordPress and classified as critical. This impacts the function WCFM_Settings_Controller::processing of the component Setting Handler. Performing a manipulation results in privilege escalation.

This vulnerability is identified as CVE-2026-0845. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-0845 | WCFM Plugin up to 6.7.24 on WordPress Setting processing privilege escalation

Post correlati

CVE-2024-36457 | Broadcom Symantec Privileged Access Management up to 3.4.6/4.1.7 PAM Endpoint improper authentication

CVE-2024-24708 | W3speedster Plugin up to 7.19 on WordPress cross-site request forgery

CVE-2024-9811 | code-projects Restaurant Reservation System 1.0 filter3.php company sql injection

CVE-2026-1665 | nvm-sh nvm up to 0.40.3 Environment Variable nvm_download NVM_AUTH_HEADER os command injection