CVE-2026-6419

NVD data not available for this CVE. It may be pending analysis or not yet published.

Related Intelligence (1)

HIGHVulnerability

NVD HIGH: CVE-2026-6419 — The WishList Member plugin for WordPress is vulnerable to Privilege Escalation v...

The WishList Member plugin for WordPress is vulnerable to Privilege Escalation via Missing Authorization in versions up to and including 3.30.1. This is due to the missing capability and nonce check in the ajax_get_screen() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to supply an arbitrary admin screen identifier via the data[url] parameter

CVE-2026-6419
NIST NVD