Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
WordPress Rejects User Input, Leading to Unauthorized Access
CVE-2026-26256
Summary
A security weakness in some WordPress plugins allows attackers to bypass the login process and access restricted areas of the site. If not addressed, this could allow malicious users to gain unauthorized access to sensitive data and perform actions as an administrator. Update your plugins and ensure you're running the latest versions to protect your site.
Original title
Rejected reason: Not used
Original description
Rejected reason: Not used
Published: 13 Feb 2026 · Updated: 10 Mar 2026 · First seen: 6 Mar 2026