Product

InfusedWoo Pro Plugin <= 5.1.2

2 briefs RSS

CVE-2026-6506: InfusedWoo Pro WordPress Plugin Privilege Escalation

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in versions up to 5.1.2 due to missing authorization checks in the infusedwoo_gdpr_upddata() function, allowing authenticated attackers to grant themselves administrator privileges.

InfusedWoo Pro plugin <= 5.1.2 privilege-escalation wordpress plugin

2r 1t 1c 1h ago

critical advisory

CVE-2026-6510: InfusedWoo Pro WordPress Plugin Privilege Escalation

1 rule 1 TTP 1 CVE

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation due to missing nonce verification and capability checks in the iwar_save_recipe() AJAX handler, allowing unauthenticated attackers to create malicious automation recipes for auto-login actions.

InfusedWoo Pro plugin <= 5.1.2 privilege-escalation initial-access wordpress

1r 1t 1c 1h ago