Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
WordPress Plugin File Editor Vulnerability in WordPress
MINI-wv7h-wv6w-xgcr
Summary
An unauthenticated attacker can inject malicious code into WordPress plugins, potentially allowing them to gain control of the website. This vulnerability affects all WordPress sites using the File Editor plugin. To protect your site, update to the latest version of the plugin or remove it if possible.
What to do
- Update karpenter-1.9 to version 1.9.0-r2.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | karpenter-1.9 | <= 1.9.0-r2 | 1.9.0-r2 |
Original title
MINI-wv7h-wv6w-xgcr
Published: 12 Apr 2026 · Updated: 12 Apr 2026 · First seen: 12 Apr 2026