PatchSiren cyber security CVE debrief
CVE-2026-7624 cifi CVE debrief
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to invoke privileged state-changing Squirrly cloud API operations, such as revoking the site's Google Search Console and Google Analytics integrations via `api/gsc/revoke` and `api/ga/revoke`, that are otherwise restricted to administrator-level users holding the `sq_manage_settings` capability.
- Vendor: cifi
- Product: SEO Plugin by Squirrly SEO
- CVSS: MEDIUM 4.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-06
- Original CVE updated: 2026-06-08
- Advisory published: 2026-06-06
- Advisory updated: 2026-06-08
Who should care
Users of the SEO Plugin by Squirrly SEO for WordPress, particularly on sites that have accounts with contributor-level access and above, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability has a CVSS score of 4.3 and a CVSS severity of MEDIUM. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N. The weakness is classified as CWE-862.
Defensive priority
MEDIUM
Recommended defensive actions
- Update the SEO Plugin by Squirrly SEO plugin to a version that is not vulnerable.
- Restrict access to the plugin's functionality to only authorized users.
- Monitor for suspicious activity related to the plugin's cloud API operations.
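The missing check behind CWE-862 is a per-operation capability test, sketched below as an added example; it is not the plugin's code or the vendor's patch. The AJAX entry point, the `example_*` names and the `operation` request field are assumptions; only the two operation paths and the `sq_manage_settings` capability come from the advisory.

```php
<?php
// Added illustration, not Squirrly's code. Names prefixed example_ are
// hypothetical; only the two operation paths and the capability name
// `sq_manage_settings` come from the advisory.
const EXAMPLE_OP_CAPS = array(
    'api/gsc/revoke' => 'sq_manage_settings',
    'api/ga/revoke'  => 'sq_manage_settings',
);

// Returns true when the current user may run $operation, else a WP_Error.
function example_authorize_cloud_op($operation) {
    // Deny by default: an operation with no mapped capability is refused.
    if (!isset(EXAMPLE_OP_CAPS[$operation])) {
        return new WP_Error('example_unknown_op', 'Unknown operation', array('status' => 400));
    }
    if (!current_user_can(EXAMPLE_OP_CAPS[$operation])) {
        // Leave a trail for the monitoring step: who was refused, and for what.
        error_log(sprintf('example: user %d denied cloud op %s',
            get_current_user_id(), $operation));
        return new WP_Error('example_forbidden', 'Insufficient capability', array('status' => 403));
    }
    return true;
}

// Assumed entry point: an authenticated admin-ajax action.
add_action('wp_ajax_example_cloud_op', function () {
    // The nonce is a CSRF defence, not an authorization check, so it does
    // not replace the capability test below.
    check_ajax_referer('example_cloud_op');
    $operation = isset($_POST['operation'])
        ? sanitize_text_field(wp_unslash($_POST['operation']))
        : '';
    $allowed = example_authorize_cloud_op($operation);
    if (is_wp_error($allowed)) {
        $data = $allowed->get_error_data();
        wp_send_json_error(array('message' => $allowed->get_error_message()), $data['status']);
    }
    // Reached only after authorization; the real cloud call would hook here.
    do_action('example_cloud_op_authorized', $operation);
    wp_send_json_success();
});
```

Routing every cloud operation through one gate keeps the capability test from being forgotten on individual handlers, and the denial log line gives the monitoring step something concrete to alert on.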
Evidence notes
The vulnerability was reported by [email protected] and is documented in the CVE record and NVD detail.
Official resources
CVE-2026-7624 was published on 2026-06-06T05:16:29.227Z and modified on 2026-06-08T14:57:14.757Z.