CVE-2026-2233 | wedevs User Frontend Plugin up to 4.2.8 on WordPress draft_post post_id authorization

Inserito da Angelo Barbosa | Mar 15, 2026 | CVE

A vulnerability labeled as critical has been found in wedevs User Frontend Plugin up to 4.2.8 on WordPress. This issue affects the function draft_post. The manipulation of the argument post_id results in missing authorization.

This vulnerability is reported as CVE-2026-2233. The attack can be launched remotely. No exploit exists.

CVE-2026-2233 | wedevs User Frontend Plugin up to 4.2.8 on WordPress draft_post post_id authorization

Post correlati

CVE-2026-3315 | ASSA ABLOY Visionline up to 1.32 default permission

CVE-2024-48855 | BlackBerry QNX Software Development Platform 7.0/7.1/8.0 TIFF Image Codec out-of-bounds

CVE-2025-13127 | GoldenHorn prior 4.25.1121.1 cross site scripting

CVE-2024-31036 | NanoMQ 0.21.7 Hexstreams read_byte heap-based overflow (Issue 1722)