CVE-2026-1003 in GetGenie Pluginthông tin

Tóm tắt

Bởi MITRE • 16/01/2026

The GetGenie plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.3.0. This is due to the plugin not properly verifying that a user is authorized to delete a specific post. This makes it possible for authenticated attackers, with Author-level access and above, to delete any post on the WordPress site, including posts authored by other users.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Tiết lộ

16/01/2026

Kiểm duyệt

được chấp nhận

mục

VDB-341429

CPE

sẵn sàng

CWE

CWE-862 (Đã xác nhận)

CVSS

4.3 (CNA)

EPSS

0.00045

KEV

không

Các hoạt động

rất thấp

ngành

Hostingprovider

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-1003
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-1003
CVE Details	https://www.cvedetails.com/cve/CVE-2026-1003/

◂ Trước Tổng Quan Tiếp theo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!