Broken object-level authorization in Krayin CRM (Laravel CRM) through version 2.2.3 lets any authenticated user tamper with leads, persons, organizations, quotes, and activities belonging to other users. Because the edit, update, and destroy methods across five controllers never verify record ownership, a low-privileged account can read, modify, reassign, or delete arbitrary CRM records by manipulating the object ID. Publicly available exploit details exist (reported by VulnCheck), though the issue is not listed in CISA KEV and no EPSS score was provided.
SQL injection in Dify's MyScale vector store backend (versions before 1.16.0-rc1) lets authenticated attackers execute arbitrary SQL against the underlying ClickHouse database by passing unsanitized search parameters into the search_by_full_text method. Because those parameters are concatenated into the query without escaping or parameterization, an attacker can read, modify, or delete stored vector-store data. Publicly available exploit code exists (VulnCheck advisory and GitHub issue #38281) and a vendor patch is available; there is no confirmation of active in-the-wild exploitation.
The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator email address, and license key to a third-party server.
Authenticated arbitrary file write in OpenPLC Runtime v3 lets a logged-in user of the legacy web UI escalate to native code execution on the host running the automation controller. The program-upload workflow stores the attacker-supplied prog_file filename in the Programs.File database field and later reuses it unvalidated as a destination path; because Python os.path.join() honors absolute paths, files can be written anywhere the webserver process can write. Reported by ICS-CERT (CISA ICS advisory ICSA-26-190-01); no public exploit identified at time of analysis and it is not listed in CISA KEV.
Backend resource exhaustion in Hydro-Québec's Le Circuit Electrique EV charging station backend (all versions prior to the June 2026 fix) lets remote unauthenticated attackers open multiple simultaneous OCPP sessions under a single charging station identifier, flooding the platform with rogue clients. Because the backend never enforces one active session per station ID, an attacker can spin up many spoofed OCPP clients and exhaust backend capacity, degrading or denying service to legitimate charging stations. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; EPSS data was not provided.
Denial-of-service exposure in the Hydro-Québec Le Circuit Électrique EV charging-station backend allows remote, unauthenticated attackers to hammer the authentication endpoint without rate limiting, degrading or exhausting the service that charging stations rely on. The flaw (CWE-307, missing throttling of repeated auth attempts) affects all backend versions prior to the June 2026 fix and carries a CVSS 4.0 base score of 8.7. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but it was reported through ICS-CERT and documented in CISA ICS advisory ICSA-26-188-01.
Privilege escalation to root in the HestiaCP web hosting control panel (versions before 1.9.5) lets any low-privilege authenticated user run arbitrary OS commands as root by injecting a single-quote into an unvalidated DNS record type field. The flaw chains weak input validation in is_dns_record_format_valid() with unsafe eval-based zone parsing in update_domain_zone(), turning a routine DNS record creation into full host takeover. No public exploit is identified at time of analysis, but VulnCheck has published a detailed advisory and the vendor shipped a fix in 1.9.5.
OS command injection in R-SOFT DMS lets an authenticated user run arbitrary shell commands as the web server account by abusing the document converter. The konwertujAction() routine builds shell commands from unsanitized file-path and format parameters (CWE-78), so any user who can trigger a conversion can inject commands. Discovery is credited to CERT Polska; no public exploit identified at time of analysis and it is not listed in CISA KEV. CVSS 4.0 base is 8.7 (High).
Remote command execution in Dell Unisphere for PowerMax versions 10.3.0.5 and prior allows a low-privileged authenticated user to run arbitrary OS commands with root privileges by abusing unsafe deserialization of untrusted data (CWE-502). Because the CVSS vector is AV:N/AC:L/PR:L, any account with minimal access on the management interface can escalate to full root control of the storage-management appliance. There is no public exploit identified at time of analysis and the CVE is not in CISA KEV, but the low attack complexity and full CIA impact make it a high-priority patch for storage administrators.
Arbitrary file access in JetBrains TeamCity before 2026.1.2 lets an authenticated user abuse the Perforce (P4) VCS integration to read files outside intended boundaries on the TeamCity server host. The flaw (CWE-73, external control of file name or path) was self-reported by JetBrains and is fixed in 2026.1.2; no public exploit identified at time of analysis, and it is not listed in CISA KEV. With PR:L in the CVSS vector, exploitation requires a low-privilege account that can define or influence a Perforce VCS root, making it a realistic post-authentication threat on shared CI servers.
Remote code execution in the Salon Booking System - Free Version WordPress plugin (all versions ≤ 10.30.32) lets a remote attacker write attacker-controlled PHP into the plugin's web-accessible translate-constants.php file by abusing the unprotected setCustomText AJAX handler. Because the handler lacks proper nonce validation (CWE-352 CSRF), an unauthenticated attacker who tricks a logged-in administrator into clicking a crafted link can achieve full server-side code execution. Reported by Wordfence with a CVSS of 8.8; there is no public exploit identified at time of analysis and it is not on CISA KEV.
Uncontrolled memory and CPU consumption in Excelize (qax-os/excelize), the widely used Go library for reading and writing Microsoft Excel spreadsheets, before version 2.11.0 lets a crafted XLSX file trigger a denial of service. The streaming worksheet reader behind the Rows and GetRows APIs fails to enforce the TotalRows (1,048,576) limit on the row 'r' attribute, so a tiny file declaring an out-of-range row index with no cell coordinate forces GetRows to allocate empty rows up to that attacker-chosen index. No public exploit identified at time of analysis, but the trigger is trivial to construct and the fix is confined to a single validation check.
Authorization bypass in Teracity TeraMIS (versions V03.26.01.14 through the 30.04.2026 build) lets an authenticated low-privilege user tamper with a user-controlled object key to reach records and functions belonging to other users or higher-privilege roles (CWE-639 IDOR). The CVSS vector (AV:N/AC:L/PR:L/UI:N) confirms remote, low-complexity exploitation by any account holder, yielding high confidentiality and integrity impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS and POC data were not provided.
Privilege escalation in Adam Retail Automation's MobilMen 20T (versions v3 through build 10072026) lets an authenticated low-privileged user manipulate a user-controlled key (CWE-639) to access resources or actions belonging to other, higher-privileged accounts. The flaw carries CVSS 8.8 and was reported by Turkey's national CERT (TR-CERT), but no public exploit identified at time of analysis and it is not in CISA KEV. The vendor was contacted but did not respond, so no coordinated fix is confirmed.
OS command injection in MaxKB (1Panel-dev's open-source enterprise AI assistant) before 2.10.0-lts lets an authenticated user achieve arbitrary command execution on the host by importing a crafted .tool file that declares an MCP stdio transport and triggering it through an AI Chat node. Because the tool-import path (apps/tools/serializers/tool.py) and the MCP referencing path (base_chat_step.py) fail to consistently validate the MCP transport type, the MultiServerMCPClient spawns the attacker's stdio command locally. Rated CVSS 8.8; no public exploit has been identified at time of analysis, and it is not listed in CISA KEV.
Regular-expression denial of service (ReDoS) in the Phalcon PHP framework before 5.15.0 lets remote unauthenticated attackers exhaust server CPU by sending a crafted request URI. Every default MVC application registers a built-in route whose compiled PCRE pattern contains a nested quantifier that Router::handle() evaluates against the raw request path on every request, so a path with repeated slashes followed by decoded newlines triggers catastrophic backtracking. There is no public exploit identified at time of analysis, and the CVSS 4.0 score of 8.7 reflects a high availability impact with no confidentiality or integrity effect.
Account takeover in Capgo before 12.128.2 stems from a password-change endpoint that omits current-password validation (CWE-620), letting an attacker who holds any temporary or low-privilege session set a new password without proving they know the old one. Because the CVSS 4.0 vector reflects a low-privilege (PR:L) network attacker with high confidentiality and integrity impact, a hijacked or briefly-borrowed session can be converted into permanent control, locking legitimate users out. No public exploit identified at time of analysis and the flaw is not on CISA KEV, so risk is credible but not confirmed as actively exploited.
Privilege escalation within RustDesk before 1.4.9 lets an authenticated peer that was granted only a limited session type (FileTransfer, PortForward, ViewCamera, or Terminal) send control messages and login options reserved for a full Remote session, because the server never re-validates a session's authorized scope. The result is that a peer given, for example, file-transfer-only access can observe and control the host's screen and input as if it held full remote-control rights. No public exploit has been identified at time of analysis, though the fixing pull request and commit are public, and no EPSS or CISA KEV data was supplied.
Sensitive credential disclosure in RabbitMQ affects installations running the management plugin with OAuth 2 configured via management.oauth_client_secret, prior to versions 3.13.15, 4.0.20, 4.1.11, and 4.2.6. The obsolete GET /api/auth endpoint returns the configured OAuth 2 client secret to unauthenticated callers, allowing any remote party with network reach to the management interface to harvest the credential and potentially impersonate the broker to its identity provider. No public exploit identified at time of analysis, and it is not listed in CISA KEV, though the fix and root cause are fully documented in the vendor GitHub Security Advisory GHSA-pj24-8j6m-vq9q.
{username}?task=save with data[password]. The saveUser handler checks that the caller has user-management rights but never verifies the caller is allowed to edit that specific target, an authorization gap (CWE-639) carrying a CVSS 4.0 score of 8.7. No public exploit identified at time of analysis; the fix is expected in 1.10.53.
Uncontrolled resource consumption in Grav flat-file CMS before 1.7.53 and 2.0.0-rc.8 lets a remote unauthenticated visitor crash or degrade a server by requesting on-the-fly image derivatives with absurdly large dimensions. Because Grav::fallbackUrl forwards URL query image actions such as forceResize straight to ImageMedium magic actions with no dimension or pixel ceiling, a single crafted request forces the server to allocate huge amounts of memory and CPU to build the derivative. No public exploit identified at time of analysis, but the attack is trivial and scriptable given the CVSS 4.0 VA:H, AV:N/AC:L/PR:N profile.
Missing authentication on the ST Engineering iDirect iQ200 satellite terminal exposes the /api/identity and /api/ REST endpoints to any unauthenticated party on the network, letting them harvest the serial number, Device ID (DID), Terminal Private Key identifier (TPK), MAC address, and firmware version. Because the DID and TPK underpin satellite-network authentication on the iDirect platform, the leaked identifiers can support terminal impersonation and targeted reconnaissance. Reported by CISA ICS-CERT (ICSA-26-183-01); no public exploit identified at time of analysis, and no EPSS score was provided.
Command execution allowlist bypass in PraisonAI before 4.6.78 lets a low-privileged attacker who can supply commands to the framework's restricted-execution feature slip past its shell-metacharacter filters by abusing find's built-in -exec, -execdir, and -delete actions. Because those actions run binaries and delete files entirely inside the find process, they never trip the metacharacter allowlist, so the attacker can read blocked files, delete arbitrary files, and launch non-allowlisted binaries. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the CVSS 4.0 base score of 8.7 (High) reflects full loss of confidentiality, integrity, and availability of the affected system.
Information disclosure in Capgo before 12.128.2 lets unauthenticated remote attackers call the get_orgs_v7(userid) RPC endpoint with arbitrary user UUIDs to read foreign users' organization memberships, roles, management emails, and billing metadata. The endpoint remained publicly invokable despite intended private access controls, so any internet-facing Capgo deployment on an affected version exposes tenant data cross-account. No public exploit has been identified at time of analysis, though the trivial invocation pattern (supply a UUID) makes weaponization straightforward.
WAF filtering bypass in OWASP ModSecurity (libmodsecurity) before 3.0.16 lets remote unauthenticated attackers smuggle malicious payloads past inspection rules by exploiting a multipart/form-data parser differential. The engine silently strips embedded line breaks from non-file form-field values before populating ARGS and ARGS_POST, so any rule whose detection depends on a newline (e.g. command, header, or injection syntax spanning a line break) fails to match while the backend still receives and acts on the intact payload. No public exploit identified at time of analysis, but the CVSS base score of 8.6 reflects a scope-changing integrity impact on every application shielded by an affected deployment.
Arbitrary file write leading to remote code execution in the Frappe framework (versions prior to 15.112.0 and 16.23.0) allows a privileged user to abuse the Package Import feature, where tarfile members are extracted without adequate path validation (a TarSlip / path-traversal flaw, CWE-22). An attacker who can upload a crafted package tarball can write files outside the intended extraction directory to overwrite application files and achieve code execution as the Frappe service account. No public exploit identified at time of analysis, and the flaw is not listed in CISA KEV; the CVSS 4.0 base score is 8.6, reflecting high impact gated by a high-privilege prerequisite.
Authorization-model destruction in FlaskBB forum software (versions up to and including 2.2.0) lets an authenticated administrator wipe all six built-in permission groups through the management bulk-delete AJAX endpoint. Because the endpoint compares JSON integer group IDs against string literals, the guard meant to protect built-in groups never matches and silently allows their removal, collapsing the forum's entire permission model and potentially bricking the site. No public exploit identified at time of analysis; the flaw was reported by VulnCheck and is fixed in commit a5da9a5.
Authorization-gate bypass in 9Router (decolua/9router) before 0.5.2 lets a remote unauthenticated attacker reach protected upstream LLM functionality through the /codex/* path, which next.config.mjs rewrites to /api/v1/responses without ever passing through the dashboardGuard API-key check. Because src/dashboardGuard.js only allowlists /v1, /v1beta, /api/v1, and /api/v1beta — omitting /codex — attackers can force the server to make upstream provider calls billed to operator-stored LLM credentials. No public exploit identified at time of analysis; fixed in 0.5.2.
Stored and reflected cross-site scripting in Grist (grist-core) before 1.7.15 lets an attacker place a javascript: URL into an unvalidated link href and execute script in a victim's authenticated Grist origin on a single click. Two entry points are affected: the /welcome/select-account page reflects its next query parameter into account-button links, and the GristDocTour table's Link_URL column renders as a clickable tour button, so a document editor can plant a payload that runs when another user opens the document. Because the script executes as the victim, it can drive Grist APIs to read or modify data and change sharing/access rules, letting an editor escalate to owner-level control. There is no public exploit identified at time of analysis and it is not in CISA KEV.
Privilege escalation in Logto's self-hosted SAML IdP (before 1.41.0) lets an authenticated low-privilege user forge signed SAML attributes such as roles, enabling elevated access at any relying Service Provider that authorizes on SAML attributes. Because user-controlled profile fields (name, email, custom attribute-mapping values) were string-substituted into an unescaped XML template via samlify 2.10.0, an attacker embeds XML markup that Logto then cryptographically signs as legitimate. Rated CVSS 8.5 with scope change; no public exploit identified at time of analysis, but the fix is confirmed in release v1.41.0 with a corresponding GitHub advisory and commit.
Arbitrary Python code execution in PraisonAI (praisonaiagents) before 1.6.78 occurs when AgentFlow._resolve_pydantic_class resolves a string output_pydantic reference in a workflow step, causing the framework to import a sibling tools.py from the workflow file's directory via importlib exec_module without any sandboxing. Because this loader ignores the PRAISONAI_ALLOW_*_TOOLS environment guardrails, an attacker who supplies a malicious workflow file plus its tools.py runs code with the workflow runner's privileges the moment the workflow is executed via WorkflowManager or loaded through load_yaml. No public exploit is identified at time of analysis, and the flaw is not listed in CISA KEV.
Local privilege escalation to arbitrary command execution in Samsung Bixby (versions prior to 4.0.70.8) allows a malicious co-located Android app to invoke improperly exported application components and run commands with Bixby's elevated privilege level. Reported by Samsung Mobile Security and rated CVSS 4.0 base 8.5; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation requires attacker-controlled code already present on the device (e.g., a rogue installed app), not remote network access.
SQL injection in Dell PowerFlex Manager prior to version 5.1.0.1 allows a remote, low-privileged authenticated attacker to inject crafted SQL commands through the management interface, resulting in information disclosure and unauthorized access to data beyond the attacker's authorized scope. Rated CVSS 8.5 with a scope-changed vector, the flaw is reported by Dell (DSA-2026-066) and carries confidentiality impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Arbitrary code execution in Samsung's libpadm.so system library on Galaxy devices allows a local, low-privileged attacker to corrupt memory via an out-of-bounds write and run code in the context of the vulnerable component prior to the SMR Jul-2026 Release 1. The flaw was reported internally by Samsung Mobile Security and carries a CVSS 4.0 base score of 8.4 (high). No public exploit identified at time of analysis and it is not listed in CISA KEV.
Local privilege-escalating code execution in Samsung's libsavsac.so native library (used in Galaxy devices running firmware prior to the SMR Jul-2026 Release 1) allows a low-privileged local attacker to trigger an out-of-bounds write and execute arbitrary code in the context of the affected component. The flaw was reported by Samsung's own Mobile Security team and carries a CVSS 4.0 base score of 8.4 (High). No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Local privilege escalation to arbitrary code execution in Samsung's fabricKeymaster trustlet affects Galaxy devices running builds prior to the SMR Jul-2026 Release 1 security patch level. A local attacker who already holds privileged (root/system-level) access on the device can exploit a time-of-check-to-time-of-use race condition to run arbitrary code within the Keymaster trusted application, undermining the hardware-backed key store. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the flaw was reported directly by Samsung's own mobile security team.
Out-of-bounds write in Samsung's Quram image codec library (libimagecodec.media.quram.so) on Samsung Android devices lets remote attackers corrupt memory outside allocated bounds by delivering a malformed DNG (Adobe Digital Negative) raw image, prior to the SMR Jul-2026 Release 1 patch level. The flaw carries CVSS 4.0 8.3 (High) with a network attack vector, no privileges and no user interaction, but a present attack requirement (AT:P). No public exploit identified at time of analysis and it is not listed in CISA KEV.
Out-of-bounds memory write in the Quram image codec (libimagecodec.media.quram.so) used by Samsung mobile devices allows remote attackers to corrupt memory while the library parses a malformed TIFF image, affecting builds prior to SMR Jul-2026 Release 1. Reported by Samsung's own mobile security team, the flaw carries a CVSS 4.0 base score of 8.3 (High) with a network vector and no privileges or user interaction required, though an attack requirement (AT:P) indicates a specific precondition. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Integrity bypass in Chainguard's apko (and the shared logic in melange) allows a network attacker to swap the actual installed contents of an apk package while its signature check still passes, because apko validated only the control-section hash (.PKGINFO) against the signed APKINDEX and never verified the data-section hash. Anyone able to compromise a package mirror, poison a fetch cache, or MITM the download can therefore inject arbitrary files into images built with these tools. No public exploit is identified at time of analysis, and the flaw is not listed in CISA KEV.
Authentication bypass in 9Router (decolua/9router) versions prior to 0.5.2 lets remote unauthenticated attackers reach protected /v1/* proxy APIs because src/dashboardGuard.js trusts any request arriving over loopback. When 9Router runs behind a same-host reverse proxy that forwards public traffic through 127.0.0.1 - the standard production deployment - external requests are misclassified as local, exposing /v1/models and enabling abuse of configured upstream AI provider credentials. No public exploit identified at time of analysis; scored CVSS 8.3 with a scope change reflecting downstream provider-credential abuse.
Update-signing bypass in @capgo/capacitor-updater (capgo OTA plugin for Capacitor apps) before 12.128.2 undermines its end-to-end encryption by shipping the same private key to every device that downloads the app. Because the public verification key can be derived from that distributed private key, an attacker with a man-in-the-middle position or control of the Capgo delivery server can forge a validly signed update bundle and push attacker-controlled code to devices. Reported by VulnCheck with a CVSS 4.0 base score of 8.3; no public exploit identified at time of analysis and it is not listed in CISA KEV.
Unauthenticated arbitrary file write in EverOS, an AI-agent memory runtime by EverMind-AI, affects all versions prior to 1.0.1 via the POST /api/v1/memory/add ingestion endpoint. Because the per-message sender_id field is not sanitized as a path-safe identifier (unlike app_id and project_id), an attacker can supply ../ sequences that redirect where extracted memory episodes are written, letting a remote unauthenticated caller create or overwrite .md files outside the memory root with partially attacker-controlled content. No public exploit identified at time of analysis, and no EPSS score was provided, but the CVSS 8.2 rating and unauthenticated network reach make it a meaningful integrity risk for exposed instances.
Credential disclosure in R-SOFT DMS lets an attacker who obtains the stored superadmin password hash recover the plaintext password, because credentials are protected with a non-salted, nested MD5 hash that is trivially reversible via brute-force and precomputed rainbow tables. The superadmin account is high-value and cannot be rotated through the UI - the password can only be changed by editing the configuration file - so recovered credentials remain valid indefinitely. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.
Local privilege escalation in Lima (lima-vm) before 2.1.3 lets any unprivileged user inside a guest VM reach root when the instance runs the QEMU driver with the guest agent enabled. Because the world-reachable /run/lima-guestagent.sock exposes address tunneling - including Unix sockets for privileged daemons such as D-Bus - an in-guest attacker can proxy to root-owned services and execute arbitrary commands as root. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Authentication-bypass via timing side-channel in Phalcon's Crypt::decrypt (cphalcon PHP framework prior to 5.14.1) allows remote attackers to forge valid HMAC tags and have tampered ciphertext accepted as authentic. Because the HMAC verification uses PHP/Zephir identity comparison that short-circuits on the first mismatching byte, an attacker who can observe response timing can recover a valid tag byte-by-byte and break the encrypt-then-MAC integrity guarantee. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the flaw is confirmed and patched by the vendor in 5.14.1.
Authentication bypass in 9Router (decolua/9router) before 0.5.2 lets a remote unauthenticated attacker forge a 'Host: localhost' header so the /v1 LLM proxy treats the request as local and skips API-key checks. Once past authentication, an attacker abuses stored provider credentials for upstream LLM calls and leverages /v1/search's searxng provider_options.baseUrl to force server-side requests to internal or cloud-metadata endpoints (SSRF). No public exploit identified at time of analysis, though the fixing commit is public, and EPSS/KEV signals are not provided.
Authentication bypass in the LoginPress Pro WordPress plugin (versions up to and including 6.2.3) lets unauthenticated attackers hijack any existing account, including administrators, by abusing the GitHub OAuth social-login callback. The loginpress_on_github_login() function binds the login session to profile[0]['email'] from GitHub's /user/emails endpoint without checking the verified flag, so an attacker who adds an unverified email matching a victim's account and triggers the callback can be logged in as that user. This maps to CWE-287 and carries a CVSS 8.1; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Object injection in the Drupal Tealium iQ Tag Management contributed module (versions before 2.4.0) lets authenticated attackers manipulate dynamically-determined object attributes to compromise data confidentiality and integrity. Because the CVSS vector (AV:N/AC:L/PR:L) indicates a low-privileged authenticated user over the network, any user with a foothold on the site can potentially abuse the flaw; there is no public exploit identified at time of analysis and the EPSS probability is low (0.42%). Drupal has published advisory SA-CONTRIB-2026-064 and released a fixed version.
Authentication bypass in the LoginPress Pro WordPress plugin (versions ≤ 6.2.3) lets unauthenticated attackers log in as any existing user - including Administrators - when the Spotify Social Login addon is enabled. The flaw stems from the plugin trusting the unverified email returned by Spotify's /v1/me endpoint to match and authenticate a WordPress account, so an attacker who registers a Spotify account with a victim's email gains that victim's session. No public exploit has been identified at time of analysis; CVSS is 8.1 with attack complexity rated High due to the required addon configuration.
Authentication bypass in the LoginPress Pro WordPress plugin (versions ≤ 6.2.3) lets unauthenticated attackers hijack any existing account - administrators included - by exploiting the Discord OAuth login handler, which trusts the email returned by Discord without checking Discord's verified flag. An attacker who knows a target's WordPress email registers a Discord account with that same (unverified) email and completes the normal OAuth flow to receive an authenticated session as the victim. No public exploit identified at time of analysis and it is not listed in CISA KEV, but the flaw was reported by Wordfence and is a full account-takeover primitive.