CVE-2026-6419 | Wishlist Member Plugin up to 3.30.1 on WordPress Administrative API ajax_get_screen privileges management

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability described as critical has been identified in Wishlist Member Plugin up to 3.30.1 on WordPress. Affected by this issue is the function ajax_get_screen of the component Administrative API. Such manipulation leads to improper privilege management.

This vulnerability is referenced as CVE-2026-6419. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-6419 | Wishlist Member Plugin up to 3.30.1 on WordPress Administrative API ajax_get_screen privileges management

Post correlati

CVE-2024-40951 | Linux Kernel up to 6.6.35/6.9.6 ocfs2_abort_trigger null pointer dereference (67bcecd78060/eb63357ef229/685d03c37953)

CVE-2024-12965 | 1000 Projects Portfolio Management System MCA 1.0 /update_ex_detail.php q sql injection

CVE-2024-28987 | SolarWinds Web Help Desk up to 12.8.3 Hotfix 1 hard-coded credentials

CVE-2024-22662 | Totolink A3700R 9.1.2u.6165_20211012 setParentalRules stack-based overflow