CVE-2026-6895 | Wishlist Member Plugin up to 3.30.1 on WordPress REST API export_settings privileges management

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Wishlist Member Plugin up to 3.30.1 on WordPress. This issue affects the function export_settings of the component REST API. The manipulation leads to improper privilege management.

This vulnerability is listed as CVE-2026-6895. The attack may be initiated remotely. There is no available exploit.

CVE-2026-6895 | Wishlist Member Plugin up to 3.30.1 on WordPress REST API export_settings privileges management

Post correlati

CVE-2025-40725 | Azon Dominator PHP Script URL /search cross site scripting (EUVD-2025-27530)

CVE-2023-38694 | Umbraco CMS up to 8.18.9/10.6.x/12.0.x cross site scripting (GHSA-xxc6-35r7-796w)

CVE-2026-24029 | PowerDNS DNSdist up to 1.9.11/2.0.2 early_acl_drop Remote Code Execution

CVE-2024-4463 | Squelch Tabs and Accordions Shortcodes Plugin up to 0.4.7 on WordPress cross-site request forgery