CVE-2026-3772 | benjaminprojas WP Editor Plugin up to 1.2.9.2 on WordPress add_plugins_page/add_themes_page cross-site request forgery

Inserito da Angelo Barbosa | Mag 1, 2026 | CVE

A vulnerability classified as problematic has been found in benjaminprojas WP Editor Plugin up to 1.2.9.2 on WordPress. Affected by this vulnerability is the function add_plugins_page/add_themes_page. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2026-3772. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-3772 | benjaminprojas WP Editor Plugin up to 1.2.9.2 on WordPress add_plugins_page/add_themes_page cross-site request forgery

Post correlati

CVE-2026-40569 | freescout-help-desk freescout up to 1.8.212 Mailbox Connection Settings Endpoint MailboxesController.php connectionIncomingSave access control (GHSA-hmqm-33wp-858j)

CVE-2024-5092 | Elegant Addons for Elementor Plugin up to 1.0.8 on WordPress cross site scripting

CVE-2024-37182 | Mattermost Desktop App up to 5.7.0 External URL protection mechanism

CVE-2023-7105 | code-projects E-Commerce Website 1.0 index_search.php search sql injection