Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
WordPress Plugin 'WP Rocket' Allows Unauthenticated File Uploads
MINI-8c26-6rwf-qw8m
Summary
A security issue exists in a popular WordPress plugin called WP Rocket, which could allow an attacker to upload malicious files to a site without needing a password. This could lead to unauthorized access, data theft, or other malicious activity. WordPress site owners and administrators should update to the latest version of WP Rocket to fix this issue.
What to do
- Update openclaw to version 2026.4.2-r0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| MinimOS | – | openclaw |
< 2026.4.2-r0 Fix: upgrade to 2026.4.2-r0
|
Original title
MINI-8c26-6rwf-qw8m
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026