Out-of-bounds array access in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets an attacker corrupt or read process memory by sending crafted WebSocket commands to the localhost server the addon exposes. The specific 'setPIP' command accepts an attacker-controlled 'index' that is used to index internal arrays without range validation, yielding information disclosure and potential memory corruption. There is no public exploit identified at time of analysis, though a Cisco Talos technical report (TALOS-2026-2373) documents the flaw; it is not listed in CISA KEV and no EPSS score is provided.
Out-of-bounds array access in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets an attacker abuse the addon's localhost WebSocket server via a crafted 'setStream' command whose attacker-controlled 'index' is used to index arrays without range validation (CWE-129), enabling memory disclosure and possible corruption. Because a victim's browser can be steered into connecting to the local WebSocket service, the vendor rates this AV:N/UI:R (CVSS 8.3) - a remote web page can pivot to the local service after the user visits it. No public exploit is identified at time of analysis and it is not in CISA KEV, so this is not confirmed as actively exploited.
Out-of-bounds array access in GeoVision GeoWebPlayer (the "Web Plugin"/"WS Player" addon bundled with GV-VMS, GV-Cloud and related software) lets a remote attacker corrupt memory via the local WebSocket server's connectInfo command. Because the server trusts an attacker-supplied index without range validation, a victim lured to a malicious web page can trigger high-impact confidentiality, integrity and availability effects (CVSS 8.3, scope-changed). No public exploit identified at time of analysis; the flaw was reported by the vendor (GV) and documented by Cisco Talos.
Privilege escalation in Ubiquiti's UniFi Network Application allows a low-privileged, authenticated user on the network to elevate their permissions within the application by abusing an Improper Access Control weakness (CWE-284). The CVSS 3.1 score of 8.3 reflects that a network-reachable actor holding limited credentials can, under certain conditions, gain high integrity and availability impact over the controller. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Ubiquiti has published Security Advisory Bulletin 066 addressing it.
Denial of service in the Erlang/OTP ssl application (OTP 22.2 through 29.0.3, and the 28.5.x/27.3.x maintenance branches) lets an unauthenticated remote attacker permanently disable TLS 1.3 session ticket handling on a listener with a single crafted ClientHello. Because the pre-shared key extension's identity list and binder list are not length-checked before being handed to the session ticket handler, a mismatched OfferedPreSharedKeys record crashes that process, causing all subsequent TLS 1.3 handshakes to fail at ticket issuance until the ssl application is restarted. No public exploit identified at time of analysis and it is not on CISA KEV, but the CVSS 4.0 base score of 8.2 reflects the trivial, pre-authentication trigger.
Server-side request forgery and OIDC token forgery in Eclipse CSI PIA lets an unauthenticated attacker abuse a flawed Jenkins issuer allowlist (a bare `startswith('https://ci.eclipse.org')` check in `is_issuer_known`, pia/models.py:139) to redirect OIDC discovery and JWKS fetches to an attacker-controlled host. By posting a crafted issuer such as `https://ci.eclipse.org@evil.host` or `https://ci.eclipse.org.evil.host` to `POST /v1/upload/sbom`, an attacker forces PIA to make outbound requests to arbitrary hosts and to accept a JWT signed with the attacker's own key, effectively bypassing token verification. No public exploit identified at time of analysis, but the flaw is unauthenticated and network-reachable, and the CVSS 3.1 base score is 8.2.
Authentication bypass via OIDC discovery poisoning in Dapr Sentry allows a remote unauthenticated attacker to inject an attacker-controlled issuer and jwks_uri into the /.well-known/openid-configuration document by supplying a crafted X-Forwarded-Host header. Because the endpoint honors that header without validation when no allowed-hosts list is set (the default) and caches the response publicly for one hour, relying parties that perform dynamic, unpinned OIDC discovery will fetch keys from an attacker's server and accept attacker-signed JWTs - effectively forging trusted identities. Reported by VulnCheck (CVSS 4.0 8.2); no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Arbitrary file deletion in the TinyPNG (JPEG, PNG & WebP image compression) plugin for WordPress affects all versions through 3.6.13, allowing authenticated attackers with author-level access or higher to delete any file the web server can reach. Because deleting sensitive files such as wp-config.php pushes the site into a fresh-install state, this file-deletion primitive can be escalated to full remote code execution. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but it was disclosed by Wordfence with a clear exploitation path and carries a CVSS 8.1 (High).
Missing authorization in the POS Entegratör WordPress plugin (versions <= 3.7.103, vendor gurmehub) lets unauthenticated remote attackers reach privileged plugin functions that lack capability checks, enabling unauthorized modification of data with limited service disruption. The flaw is remotely reachable with no authentication or user interaction (CVSS 8.2), but has no confidentiality impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Arbitrary file deletion in the Image Optimizer plugin for WordPress (versions up to and including 1.7.4) lets an authenticated attacker with Author-level access or higher delete any file the web server can write to, potentially causing denial of service, data loss, or removal of security-relevant files such as wp-config.php. The flaw stems from the plugin trusting attacker-controllable backup paths stored in post meta. This was reported by Wordfence; no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Broken access control in MLflow prior to 3.14.0 lets any authenticated user read, modify, or delete traces belonging to experiments they are not authorized to access, defeating experiment-level authorization when authentication is enabled. The flaw stems from the trace API endpoints being omitted from the `_before_request` authorization handler, so requests reach these endpoints without any validator running. No public exploit has been identified at time of analysis, though a fix commit and huntr bounty report are public.
Authentication bypass in Ubiquiti UniFi Protect Application (versions prior to 7.1.83) allows a network-adjacent attacker to circumvent authentication controls on UniFi Protect Cameras via an improper initialization flaw. The bypass yields total compromise of camera confidentiality, integrity, and availability, though exploitation depends on certain unspecified conditions and carries high attack complexity. No public exploit is identified at time of analysis, and EPSS probability is low (0.24%), consistent with the CISA SSVC assessment of no known exploitation.
Privilege escalation in Ubiquiti's UniFi Talk Application allows a low-privileged, network-adjacent user to gain elevated privileges within the application through an improper access control (CWE-284) weakness, tracked as CVE-2026-55119 and rated CVSS 8.1. Ubiquiti tagged the issue as an Authentication Bypass, and a successful attack yields high confidentiality and integrity impact (C:H/I:H) over an existing authenticated session without any user interaction. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Cross-Site Request Forgery in the Heateor Social Login WordPress plugin (versions up to and including 1.1.39) lets an unauthenticated remote attacker forge state-changing requests that are executed with a logged-in victim's privileges once the victim is lured into interacting with a malicious page. The CVSS 3.1 score is 8.1 with High confidentiality and integrity impact, reflecting potential account or configuration manipulation, though exploitation is gated on user interaction (UI:R). There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Unauthenticated Local File Inclusion in the Audrey WordPress theme (elated-themes) affects all versions up to and including 1.5, letting remote attackers coerce the PHP application into including arbitrary files. Because CWE-98 covers PHP file-inclusion flaws, a successful include can leak sensitive files (wp-config.php, credentials) and, where remote or attacker-controlled content is includable, escalate to code execution. No public exploit is identified at time of analysis and the issue is not listed in CISA KEV, though the network-reachable, unauthenticated nature (CVSS 8.1) makes it a meaningful patching priority for sites running this theme.
Local File Inclusion in the Pearl - Corporate Business WordPress theme (StyleMixThemes) versions 3.4.10 and earlier lets unauthenticated remote attackers coerce the application into including arbitrary local files, exposing sensitive server-side content such as configuration files and credentials. Rated CVSS 8.1 by Patchstack, the flaw requires no authentication (PR:N) but carries high attack complexity (AC:H), and depending on include handling could escalate from information disclosure toward code execution. There is no public exploit identified at time of analysis, no CISA KEV listing, and no EPSS score supplied in the source data.
Unauthenticated Local File Inclusion in the AncoraThemes 'Lighthouse' WordPress theme (versions 1.2.12 and earlier, classified under CWE-98) lets remote attackers with no credentials coerce the theme's PHP include/require logic into loading attacker-influenced file paths. Because CWE-98 covers PHP remote/local file inclusion, a successful attack can disclose sensitive server files (wp-config.php, credentials) and, depending on server configuration, escalate to code execution, which is why NVD scores full C/I/A impact. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Privilege elevation in Microsoft Azure Synapse Analytics allows a network-based, authorized attacker to bypass improper access controls and gain higher privileges than assigned. The flaw carries a critical 9.8 CVSS with full confidentiality, integrity, and availability impact, though its EPSS probability is modest (0.33%, 24th percentile) and CISA SSVC records no observed exploitation. No public exploit has been identified at time of analysis, and Microsoft has released a fix through its Security Update Guide.
Local code execution in Notepad3 (versions through 6.25.822.1) arises from an insecure LoadLibrary(L"MSFTEDIT.DLL") call in the About-dialog path within src/Notepad3.c. Because the DLL is loaded by bare name, an attacker who can drop a malicious MSFTEDIT.DLL into the application directory or an earlier search-order location runs arbitrary code as the current user once that user opens the About dialog. No public exploit identified at time of analysis, and EPSS is low at 0.18% (8th percentile), consistent with a local, user-interaction-dependent flaw rather than a mass-exploitation target.
Local privilege escalation in Little Orbit's GameFirst Anti-Cheat (GFAC) lets a low-privileged user reach SYSTEM and run arbitrary code in kernel mode by sending crafted messages to the GFAC_Sys_x64.sys minifilter communication port. All GameFirst Anti-Cheat builds up to and including the 2025-07-07 release are affected, and a public GitHub repository covering this CVE alongside two sibling flaws indicates exploit material is available. There is no public exploit identified as being actively used, but the CERT/CC coordination and shared PoC repository make weaponization plausible.
Local privilege escalation in Little Orbit's GameFirst Anti-Cheat (GFAC) kernel driver GFAC_Sys_x64.sys allows an unprivileged local user to invoke privileged driver functionality because the minifilter communication port exposes its interface without proper access control. Any local account can send crafted requests through the port to reach kernel-level operations, yielding full confidentiality, integrity, and availability impact (CVSS 7.8). A CERT/CC-coordinated advisory (VU#639124) and a public GitHub repository covering CVE-2026-12166/12167/12168 suggest exploit code is likely available, though no active exploitation is confirmed.
Remote code execution in WatchGuard Fireware OS (the firmware powering WatchGuard Firebox firewall appliances) allows an unauthenticated attacker positioned on the same local/adjacent network segment to trigger an out-of-bounds write and execute arbitrary code. The flaw spans a wide firmware range - 11.0 through 11.12.4_Update1, 12.0 through 12.12, and 2025.1 through 2026.2 - and was self-reported by WatchGuard via its PSIRT. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the network-adjacent, unauthenticated, high-impact profile makes it a serious perimeter-device concern.
Authenticated OS command injection in the WP Database Backup plugin for WordPress (all versions up to and including 7.11) lets administrator-level users execute arbitrary operating system commands on the underlying server, escalating a WordPress admin foothold into full host RCE. The flaw stems from the wp_db_exclude_table POST parameter being concatenated unescaped into the mysqldump shell command; the injection is stored, so payloads persist in the options table and fire whenever a backup runs. Reported by Wordfence with no public exploit identified at time of analysis and no CISA KEV listing.
Root-level command injection in OpenWrt's luci-app-travelmate/travelmate (confirmed in 2.4.5-r3, sink still present in 2.4.6-1) lets an rpcd/LuCI session holding only the luci-app-travelmate write ACL escalate to arbitrary command execution as root. The LuCI UI limits the auto-login script picker to /etc/travelmate/*.login, but that is a frontend-only check: the root-run backend reads the raw UCI 'script' and 'script_args' values, so an attacker sets script to /bin/sh with controlled arguments to run commands as root when the captive-portal auto-login branch fires. Reported by VulnCheck with no public exploit identified at time of analysis and no CISA KEV listing.
Arbitrary file disclosure in the Perfmatters WordPress performance plugin (versions ≤ 2.6.4) lets unauthenticated attackers traverse the filesystem via the 's' parameter and read sensitive server files such as wp-config.php. The flaw only surfaces in a specific non-default configuration (Local Google Fonts enabled with pretty permalinks and RSS feed links active), and there is no public exploit identified at time of analysis. Reported by Wordfence with a CVSS of 7.5 (high).
Authorization bypass in Craft CMS versions 5.0.0-RC1 through 5.9.20 lets a low-privileged authenticated user spoof entry authorship by reassigning an entry's author to an arbitrary user without holding the dedicated peer-author-change permission. Because EntriesController::actionSaveEntry() checks edit permissions before applying request-controlled author changes and never re-runs authorization after mutating the author list, any existing author of an entry can hijack attribution. No public exploit has been identified at time of analysis; the flaw is fixed in 5.9.21.
Denial of service in the Libreswan IPsec VPN's pluto daemon allows remote unauthenticated attackers to crash and repeatedly restart the daemon by sending an invalidly formatted IKEv2 fragment. The off-by-one flaw affects any deployment permitting IKEv2 connections that do not explicitly set fragmentation=no, with no authentication or user interaction required; repeated exploitation sustains the outage. No public exploit identified at time of analysis, and no remote code execution is possible despite the mislabeled 'RCE' tag.
Arbitrary file read in the Ninja Forms - File Uploads WordPress add-on (versions ≤ 3.3.29) lets unauthenticated remote attackers exfiltrate any file readable by the web server. A client-supplied saveProgress flag causes the process() method to return early, so a raw attacker-controlled 'files' array reaches attach_files() and get_files_for_attachment() without upload validation, path normalization, or database record creation - an attacker-chosen file_path is then passed to wp_mail() as an email attachment guarded only by a file_exists() check. No public exploit has been identified at time of analysis; there is no CISA KEV listing and no EPSS score was supplied.
Remote memory exhaustion in open62541's FindServers Discovery Service lets an unauthenticated attacker crash or degrade OPC UA servers built on versions 1.4.0-1.4.16, 1.5.0-1.5.4, and master. Because the serverUris field of a FindServersRequest is never validated for length or array size, an attacker can declare a string of up to ~3.9 GB and stream it across chunks while withholding the final chunk, forcing the server to buffer everything in RAM until the SecureChannel times out. The attack is pre-session, requires no authentication, and bypasses all encryption configuration; no public exploit identified at time of analysis.
SQL injection in the WP Review Slider Pro WordPress plugin (versions up to and including 12.7.2) lets unauthenticated attackers extract arbitrary database contents through the 'notinstring' parameter of the wprp_load_more_revs AJAX action. Because the action is exposed via wp_ajax_nopriv and its required nonce is leaked to the frontend through wp_localize_script on any page rendering the plugin shortcode, anyone who can reach a public page hosting the plugin can exploit it. Reported by Wordfence with a CVSS of 7.5; no public exploit identified at time of analysis.
Denial of service in Eclipse Parsson before 1.1.8 lets remote unauthenticated attackers exhaust CPU and memory on any application that parses attacker-controlled JSON. Because the parser enforced no default cap on characters consumed per document, a single oversized payload - large arrays, strings, numbers, deep nesting, or whitespace - can hang or crash the service. No public exploit is identified at time of analysis; the fix (1.1.8) adds a configurable default limit of 15 million parser-consumed characters.
Authentication-bypass leading to remote code execution in 9router (npm package 9router) lets attackers reach spawn-capable MCP routes that were meant to be loopback-only. This is an incomplete fix for CVE-2026-46339: the local-only gate in src/dashboardGuard.js decides 'local' from attacker-controllable Host and Origin headers instead of the TCP source address, so any proxied or tunneled (Cloudflare Tunnel / Tailscale) deployment can be tricked into treating remote requests as local. Combined with the deterministic, machine-ID-derived CLI token, a remote attacker can inject JSON-RPC into MCP child processes (node, python, npx, etc.) and execute code on the host; no public exploit identified at time of analysis, though detailed reproduction steps are published in the vendor advisory.
Arbitrary file disclosure in Ubiquiti UniFi Protect Floodlight devices lets a network-adjacent attacker read files on the device via path traversal, exposing potentially sensitive local data. The flaw (CWE-22) is remotely reachable without authentication per the CVSS vector (PR:N) and carries high confidentiality impact but no integrity or availability effect. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV; Ubiquiti has issued a fix via Security Advisory Bulletin 066.
Unauthenticated code injection in the Request a Quote plugin for WordPress (versions up to and including 2.5.5) lets remote attackers invoke arbitrary zero-argument PHP functions on the server through the emd_delete_file AJAX action. Because the handler is registered for wp_ajax_nopriv and derives a callable function name from the attacker-controlled $_POST['path'] parameter, an attacker can trigger functions such as phpinfo() to expose server configuration and credentials, or destructive built-in functions. No public exploit identified at time of analysis, but the nonce that is the sole gatekeeper is printed directly into the public quote-form page, effectively neutralizing it.
Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component
Server-Side Request Forgery in Ubiquiti's UniFi Talk Application allows a network-positioned attacker to coerce the application into making unintended internal requests, resulting in a Denial of Service and an authentication bypass against certain UniFi Talk API endpoints. The flaw carries CVSS 7.5 (scope-changed, high availability impact) and is reachable by remote attackers without authentication (PR:N), though a high attack complexity (AC:H) constrains reliable exploitation. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Denial of service in the UTT nv518G security gateway/router (firmware nv518GV3v3.2.7-210919-161313) lets remote attackers crash the device by triggering a buffer overflow in the gohead web-management component's sub_487330 (FUN_00487330) function. The CVSS vector indicates unauthenticated network exploitation with availability-only impact, EPSS is low at 0.22% (13th percentile), and no active exploitation is recorded, though a public technical write-up of the flawed function exists on GitHub.
Remote denial of service in the UTT nv518G security gateway/router (firmware nv518GV3v3.2.7-210919-161313) allows an unauthenticated attacker to crash the device by triggering a buffer overflow in the gohead/sub_444C8C function of its embedded web management service. The flaw impacts availability only - no code execution, data disclosure, or integrity loss is indicated - and CVSS rates it 7.5 (High). No public exploit identified at time of analysis, though a GitHub reverse-engineering report documents the vulnerable function; EPSS is low at 0.22% (13th percentile) and it is not on the CISA KEV list.
Denial of service in the UTT nv518G security gateway (firmware nv518GV3 v3.2.7-210919-210919/161313) lets a remote, unauthenticated attacker crash or hang the device by triggering uncontrolled resource consumption in the gohead/sub_445C5C (FUN_00445c5c) handler of the built-in GoAhead-style web management daemon. No public exploit is identified in the source data, though a GitHub technical write-up reverse-engineering the vulnerable function is available; EPSS is low (0.20%, 10th percentile) and the CVE is not on CISA KEV, so exploitation is theoretical rather than confirmed. Impact is limited to availability (network outage of the gateway) with no confidentiality or integrity loss.
Privilege persistence in Ubiquiti's UniFi Network Application allows a low-privileged network-adjacent actor to retain granted privileges within the controller even after those privileges are supposed to have been revoked, due to an Incorrect Authorization (CWE-863) flaw. The CVSS 3.1 base score is 7.5 (AV:N/AC:H/PR:L/UI:N) with high confidentiality, integrity, and availability impact, meaning an actor whose access was removed can continue to act with the old authorization. No public exploit identified at time of analysis, and it is not listed in CISA KEV; exploitation requires prior authenticated access plus specific unstated conditions (AC:H).
Denial of service in pdfcpu (the Go PDF processing library and CLI) through v0.11.1 lets a remote attacker crash any application that parses attacker-supplied PDFs by submitting a document with deeply nested objects. The parser follows nested arrays recursively via ParseObjectContext() and parseArray() with no depth cap, so a crafted file exhausts the goroutine stack and aborts the process. No public exploit is identified at time of analysis and EPSS is low (0.17%, 7th percentile), consistent with an availability-only bug rather than a code-execution risk.
HTTP request smuggling in Ruby's WEBrick HTTP server through v1.9.2 allows remote attackers to desynchronize front-end/back-end request parsing by exploiting how WEBrick reparses a Content-Length value supplied in chunked trailers back into the canonical request state. Any deployment fronting WEBrick with a proxy, load balancer, or CDN that disagrees on message length can have requests smuggled past it, enabling request routing manipulation and information disclosure. Publicly available exploit code exists (SSVC exploitation status: poc), though EPSS remains low at 0.16% and it is not on CISA KEV.
Denial-of-service in the simplesamlphp/saml2 PHP library (and its saml2-legacy variant, used by SimpleSAMLphp) allows unauthenticated remote attackers to exhaust CPU/memory by submitting SAML messages containing malicious XPath transforms in XML Signature elements. The fix restricts the number of transforms and rejects XPath transforms entirely, permitting only the transform algorithms named in the SAML 2.0 Core specification. No public exploit has been identified at time of analysis and the flaw carries CVSS 7.5 (availability-only impact); it is not in CISA KEV.
Remote denial of service in the Zebra Zcash full-node (zebrad) up to and including v4.4.1 lets an unauthenticated peer deterministically crash any synced node running the standard Linux dual-stack configuration. By completing a P2P handshake over IPv4 to a `[::]` listener and then advertising a single invalid mempool transaction (e.g. a coinbase), the attacker triggers a reachable-assertion panic in the address book after a 30-second batch flush, and `panic = "abort"` terminates the process. No public exploit has been identified at time of analysis, but the advisory documents the full reproduction path; the crash is repeatable after every restart, enabling persistent downtime.
Denial of service in the JSONata JavaScript query/transformation library (npm 'jsonata') before 2.2.0 allows remote attackers to hang the event loop by supplying crafted, non-matching date strings to the $toMillis function, whose ISO-8601 validation regex is vulnerable to superlinear (catastrophic) backtracking. Any application that evaluates user-provided JSONata expressions or feeds attacker-controlled data into $toMillis is exposed. There is no public exploit identified at time of analysis and the flaw is not in CISA KEV, but EPSS/exploitation likelihood aside, the CVSS 7.5 (A:H) reflects a clean availability-only impact.
Denial of service in Ubiquiti's UniFi Network Application allows a remote, unauthenticated attacker with network access to crash or render the application unavailable by sending malformed input that the application fails to properly validate (CWE-20). The flaw carries a CVSS 7.5 rating driven entirely by availability impact (C:N/I:N/A:H), with no confidentiality or integrity consequences. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local File Inclusion in the SportsPress Pro WordPress plugin (versions 2.7.29 and earlier) lets an authenticated user holding at least Contributor privileges cause the application to include and disclose arbitrary local files on the server. Because the flaw is rooted in unsafe PHP file inclusion (CWE-98), a successful attacker can read sensitive files such as wp-config.php and, depending on which local files can be included, potentially escalate toward code execution. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, though the finding is documented by Patchstack.
Local File Inclusion in the Shopify (Shopify Help Center) WordPress plugin through version 1.0.0 allows an authenticated user with at least Contributor privileges to include and read arbitrary local files on the server, potentially escalating to code execution via CWE-98-style file-inclusion abuse. The flaw was reported by Patchstack and carries a CVSS 7.5 rating driven by high confidentiality, integrity, and availability impact but with high attack complexity. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Broken access control in the NOWPayments for WooCommerce WordPress plugin (versions <= 1.4.0) allows unauthenticated remote attackers to perform actions or modify state that should be restricted, without any authentication. The flaw stems from a missing authorization check (CWE-862) on a network-reachable endpoint, and per its CVSS 3.1 vector it affects integrity only (I:H) with no confidentiality or availability impact. No public exploit has been identified at time of analysis, though the vulnerability was cataloged by Patchstack, a specialist in WordPress plugin security research.
Arbitrary content deletion in the Merkulove 'OpenAI Chatbot for WordPress - Helper' plugin (versions 1.1.4 and earlier) lets remote unauthenticated attackers destroy site content by invoking a plugin action that lacks an authorization check. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H) confirms network-reachable, no-privilege, no-interaction exploitation with high availability impact and no confidentiality or integrity compromise. No public exploit identified at time of analysis, and it is not listed in CISA KEV.