CYBERHAWK / CVE / CVE-2026-7537

CVE-2026-7537

HIGH CVSS 7.2 other

The flaw

The MDJM Event Management plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7.8.3 via the mdjm_send_comm_email function. This is due to no file type, extension, or MIME type validation being

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-7537

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits