CVE-2026-1631

CVSS Score & Metrics

Base Score

5.4 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L                                    

Vulnerability Description

The Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plugin before 2.6.4 is vulnerable to unauthorized modification of the Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plugin before 2.6.4's license key due to a missing capability check on the 'actions' function. This makes it possible for subscribers and above delete the license key.

Vulnerability Details

Published Date

May 18, 2026

Last Modified

May 18, 2026

CWE ID

CWE-862

Source

NVD

External References

https://wpscan.com/vulnerability/b19596c2-69bc-4e15-8632-eb80f4577e3c/

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment