CVE-2026-1398 | Change WP URL Plugin up to 1.0 on WordPress Setting cross-site request forgery

Inserito da Angelo Barbosa | Gen 28, 2026 | CVE

A vulnerability described as problematic has been identified in Change WP URL Plugin up to 1.0 on WordPress. This affects an unknown part of the component Setting Handler. Executing a manipulation can lead to cross-site request forgery.

This vulnerability is registered as CVE-2026-1398. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-1398 | Change WP URL Plugin up to 1.0 on WordPress Setting cross-site request forgery

Post correlati

CVE-2024-10649 | wandb openui c945bb859979659add5f490a874140ad17c56a5d missing authentication

CVE-2024-35185 | Stacklok Minder up to 0.0.48 REST Ingester resource consumption (GHSA-fjw8-3gp8-4cvx)

CVE-2024-32111 | WordPress up to 6.5.4 path traversal

CVE-2023-7169 | Snow Inventory Agent up to 6.14.5 on Windows authentication spoofing