CyberRota
← Ana sayfaya dön

CVE-2026-12907

UNKNOWN · CVSS N/A

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-16T07:16:47.490 · Çekilme zamanı: 2026-07-16T12:08:05.592166+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-12907
Severity
UNKNOWN
CVSS
N/A
EPSS
Yok
WordPress

Orijinal NVD Açıklaması

The RTMKit WordPress plugin before 2.0.9 does not perform a proper capability check on one of its -builder AJAX actions, allowing users with at least the Author role to create and activate a site-wide template that overrides the header, footer or other global areas displayed to all visitors, which is normally restricted to administrators.