EUVD-2026-23136

CVE-2026-4880 | CRITICAL | CVSS 3.1 base score 9.8
2026-04-15 | Wordfence | GHSA-p8x8-wgf2-jrjm

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline (3 entries)

Apr 16, 2026 00:27 (vuln.today): Analysis Updated, v2 (cvss_changed)
Apr 16, 2026 00:22 (vuln.today): Re-analysis Queued (cvss_changed)
Apr 16, 2026 00:20 (vuln.today): Analysis Generated

Description (NVD)

The Barcode Scanner (+Mobile App) - Inventory manager, Order fulfillment system, POS (Point of Sale) plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied Base64-encoded user ID in the token parameter to identify users, leaking valid authentication tokens through the 'barcodeScannerConfigs' action, and lacking meta-key restrictions on the 'setUserMeta' action. This makes it possible for unauthenticated attackers to escalate their privileges to that of an administrator by first spoofing the admin user ID to leak their authentication token, then using that token to update any user's 'wp_capabilities' meta to gain full administrative access.

Analysis (AI)

Privilege escalation to WordPress administrator via insecure token-based authentication in Barcode Scanner (+Mobile App) plugin versions ≤1.11.0 allows remote unauthenticated attackers to gain full administrative control. The plugin leaks valid admin authentication tokens through the 'barcodeScannerConfigs' action and accepts Base64-encoded user IDs without validation, enabling attackers to spoof admin credentials, extract legitimate tokens, and modify any user's 'wp_capabilities' meta to grant themselves administrator privileges. …


Remediation (AI)

Within 24 hours: Identify all WordPress installations using Barcode Scanner plugin ≤1.11.0 via plugin inventory and security scanning tools; disable or remove the affected plugin immediately if use is not critical. Within 7 days: Update to Barcode Scanner plugin version 1.11.1 or later (vendor patch deployed in changeset 3506824), verify update completion across all instances, and review WordPress admin user accounts for unauthorized changes or additional accounts created. …


EUVD-2026-23136 vulnerability details – vuln.today
