Tag

Xml-Rpc

1 brief RSS

CVE-2026-8832 - WPCode WordPress Plugin Remote Code Execution Vulnerability

The WPCode WordPress plugin before or equal to 2.3.5 is vulnerable to remote code execution due to missing capability restrictions on the 'wpcode' custom post type, allowing authenticated attackers with author-level access to execute arbitrary PHP code via XML-RPC.

WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin <= 2.3.5 wordpress rce cve-2026-8832 xml-rpc

2r 1t 1c 3h ago