CYBERHAWK / CVE / CVE-2026-6518

CVE-2026-6518

WordPress CMP Plugin

HIGH CVSS 8.8 vibe

The flaw

Arbitrary file upload via AJAX action with insufficient capability checks

What to do

Update plugin to >4.1.16

▸ Scan my repo for CVE-2026-6518

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-04-24 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits