CyberRota
← Ana sayfaya dön

CVE-2026-12583

UNKNOWN · CVSS N/A

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-14T06:17:05.900 · Çekilme zamanı: 2026-07-14T12:06:10.728467+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-12583
Severity
UNKNOWN
CVSS
N/A
EPSS
Yok
WordPress

Orijinal NVD Açıklaması

The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, write arbitrary files and execute code on the server.