CVE-2026-8682 | hasanazizul 3D Viewer Plugin up to 2.0.1 on WordPress REST Endpoint ar_try_on_settings authorization

Inserito da Angelo Barbosa | Mag 28, 2026 | CVE

A vulnerability was found in hasanazizul 3D Viewer Plugin up to 2.0.1 on WordPress. It has been classified as critical. This impacts the function ar_try_on_settings of the component REST Endpoint. This manipulation causes missing authorization.

This vulnerability is registered as CVE-2026-8682. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-8682 | hasanazizul 3D Viewer Plugin up to 2.0.1 on WordPress REST Endpoint ar_try_on_settings authorization

Post correlati

CVE-2024-9129 | Zend Server up to 9.1 format string

CVE-2024-4324 | WP Video Lightbox Plugin up to 1.9.10 on WordPress width cross site scripting

CVE-2025-24614 | agileLogix Post Timeline Plugin up to 2.3.9 on WordPress cross site scripting

CVE-2025-56406 | mcp-neo4j 0.3.0 SSE Service information disclosure