Skip to main content

Vitepos

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-8157 HIGH POC PATCH This Week

The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API endpoints, allowing authenticated users with a custom Vitepos WordPress plugin before 3.4.2 role to escalate privileges to administrator.

Privilege Escalation WordPress Vitepos
NVD WPScan VulDB
CVSS 3.1
8.8
CVE-2026-8157
CVSS 8.8
HIGH POC PATCH This Week

The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST API endpoints, allowing authenticated users with a custom Vitepos WordPress plugin before 3.4.2 role to escalate privileges to administrator.

Privilege Escalation WordPress Vitepos
NVD WPScan VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy