Skip to main content
CVE-2026-1306 CRITICAL POC Act Now

Arbitrary file upload in midi-Synth WordPress plugin via 'export' AJAX action.

WordPress RCE File Upload
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-8572 CRITICAL Act Now

Privilege escalation in Truelysell Core WordPress plugin <= 1.8.7. Insufficient role validation allows elevation.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy