Tag
high
advisory
Perfmatters WordPress Plugin Arbitrary File Overwrite Vulnerability (CVE-2026-4351)
2 rules 2 TTPs 1 CVEThe Perfmatters plugin for WordPress is vulnerable to arbitrary file overwrite via path traversal, allowing authenticated attackers with subscriber-level access to overwrite arbitrary files on the server with a fixed PHP docblock content, potentially causing denial of service.
wordpress
perfmatters
file-overwrite
path-traversal
2r
2t
1c
critical
advisory
Perfmatters WordPress Plugin Arbitrary File Deletion Vulnerability (CVE-2026-4350)
2 rules 1 TTP 1 CVEThe Perfmatters plugin for WordPress versions up to 2.5.9.1 is vulnerable to arbitrary file deletion via path traversal, allowing authenticated attackers with minimal privileges to delete sensitive files.
cve-2026-4350
wordpress
perfmatters
file-deletion
path-traversal
2r
1t
1c