CVE-2026-4297 - Welcome Software Publishing <= 0.0.31 - Authenticated (Subscriber+) Arbitrary Options Update to Privilege Escalation via 'nc.setOption' XML-RPC Method
CVE ID :CVE-2026-4297 Published : June 24, 2026, 5:33 a.m. | 3 hours, 37 minutes ago Description :The Welcome Software Publishing plugin for WordPress is vulnerable to Arbitrary Options Update in all versions up to and including 0.0.31. This is due to a missing capability check in the...