CVE-2026-2023 | WP Plugin Info Card up to 6.2.0 on WordPress ajax_save_custom_plugin cross-site request forgery

Inserito da Angelo Barbosa | Feb 17, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in WP Plugin Info Card up to 6.2.0 on WordPress. Affected by this issue is the function ajax_save_custom_plugin. Performing a manipulation results in cross-site request forgery.

This vulnerability is reported as CVE-2026-2023. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-2023 | WP Plugin Info Card up to 6.2.0 on WordPress ajax_save_custom_plugin cross-site request forgery

Post correlati

CVE-2024-41258 | filestash 0.4 Host Key Verification ssh.InsecureIgnoreHostKey channel accessible

CVE-2025-7470 | Campcodes Sales and Inventory System 1.0 /pages/product_add.php image unrestricted upload

CVE-2024-4897 | parisneo lollms-webui up to 0.2.61 Model Files equivalent special elements

CVE-2025-55080 | Eclipse ThreadX up to 6.4.2 Memory Protection parameters