{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/infusedwoo-pro-plugin-for-wordpress--5.1.2/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":9.1,"id":"CVE-2026-6512"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["InfusedWoo Pro plugin for WordPress \u003c= 5.1.2"],"_cs_severities":["critical"],"_cs_tags":["cve","wordpress","authorization bypass","web application","plugin vulnerability"],"_cs_type":"advisory","_cs_vendors":["Wordpress"],"content_html":"\u003cp\u003eThe InfusedWoo Pro plugin for WordPress, in versions up to and including 5.1.2, suffers from an authorization bypass vulnerability identified as CVE-2026-6512. This flaw stems from the plugin\u0026rsquo;s failure to adequately verify user authorization before executing certain actions. An unauthenticated attacker can exploit this vulnerability to perform a range of administrative tasks, including permanently deleting arbitrary posts, pages, products, or orders, mass-deleting all comments on any post, and altering the status of any post. This vulnerability poses a significant risk to WordPress sites using the InfusedWoo Pro plugin, potentially leading to data loss and defacement.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker sends a crafted HTTP request to the WordPress site.\u003c/li\u003e\n\u003cli\u003eThe request targets an InfusedWoo Pro plugin endpoint responsible for managing posts, pages, products, orders, or comments.\u003c/li\u003e\n\u003cli\u003eThe vulnerable endpoint fails to properly validate the user\u0026rsquo;s authorization level.\u003c/li\u003e\n\u003cli\u003eThe attacker\u0026rsquo;s request includes parameters specifying the action to be performed (e.g., delete post, delete comments, change status).\u003c/li\u003e\n\u003cli\u003eThe plugin executes the attacker\u0026rsquo;s command without proper authorization checks.\u003c/li\u003e\n\u003cli\u003eThe targeted content (post, page, product, order, or comments) is modified or deleted as per the attacker\u0026rsquo;s request.\u003c/li\u003e\n\u003cli\u003eThe attacker repeats this process to further compromise the website.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-6512 allows unauthenticated attackers to perform administrative actions on a WordPress site using the InfusedWoo Pro plugin. This can lead to the permanent deletion of critical data, including posts, pages, products, orders, and comments. Attackers can also manipulate the status of posts, potentially causing disruption to the website\u0026rsquo;s content and functionality. Given the widespread use of WordPress and the InfusedWoo Pro plugin, a successful exploit could impact numerous websites.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the InfusedWoo Pro plugin to the latest version, which includes a patch for CVE-2026-6512.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules provided below to your SIEM to detect potential exploitation attempts of CVE-2026-6512.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious HTTP requests targeting WordPress plugins, specifically those related to deleting or modifying content, to detect anomalies related to CVE-2026-6512.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-14T09:17:00Z","date_published":"2026-05-14T09:17:00Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-6512-infusedwoo/","summary":"The InfusedWoo Pro plugin for WordPress is vulnerable to an authorization bypass (CVE-2026-6512) in versions up to 5.1.2, allowing unauthenticated attackers to delete posts, pages, products, orders, comments, and change post statuses.","title":"InfusedWoo Pro Plugin for WordPress Authorization Bypass (CVE-2026-6512)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-6512-infusedwoo/"}],"language":"en","title":"CraftedSignal Threat Feed — InfusedWoo Pro Plugin for WordPress \u003c= 5.1.2","version":"https://jsonfeed.org/version/1.1"}