CVE ID :CVE-2026-7761 Published : June 24, 2026, 6:49 a.m. | 6 hours, 21 minutes ago Description :The Ultimate Member plugin for WordPress is vulnerable to Account Takeover via Password Reset Link Disclosure in all versions up to and including 2.11.4. This is due to a chain of three logic...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-7761 - Ultimate Member <= 2.11.4 - Authenticated (Contributor+) Account Takeover via Password Reset Link Disclosure

VERWANDTEARTIKEL

PoC Exploit Released for Microsoft Exchange Server Elevation of Privilege Vulnerability

Laravel Livewire Applications Compromised to Steal Credentials Exploiting RCE Vulnerability

CVE-2026-11878 - Reflected Cross-Site Scripting vulnerability in OpenText Access Manager

CVE-2026-12537 - Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows

CVE-2026-35025 - ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR

Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild