CVE-2026-12407 - E2Pdf <= 1.32.26 - Missing Authorization to Authenticated (Custom+) Arbitrary Option Update / Privilege Escalation via 'screen_action' Parameter
CVE ID :CVE-2026-12407 Published : June 18, 2026, 3:41 a.m. | 5 hours, 27 minutes ago Description :The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.32.26. This is due to the screen_action() function...