Tag
high
advisory
AcyMailing WordPress Plugin Missing Authorization Vulnerability (CVE-2026-5200)
2 rules 2 TTPs 1 CVEThe AcyMailing plugin for WordPress is vulnerable to a missing authorization issue (CVE-2026-5200), allowing authenticated attackers with subscriber-level access to modify privileged AcyMailing configuration, export subscriber secret keys, and potentially achieve administrator account takeover if the administrator's email address is known.
AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin <= 10.8.2
acymailing
wordpress
authorization-bypass
privilege-escalation
2r
2t
1c
critical
advisory
AcyMailing Plugin Privilege Escalation Vulnerability (CVE-2026-3614)
2 rules 1 TTP 1 CVEThe AcyMailing plugin for WordPress is vulnerable to privilege escalation (CVE-2026-3614), allowing authenticated attackers with subscriber-level access to gain administrative privileges.
wordpress
privilege-escalation
acymailing
2r
1t
1c