PatchSiren cyber security CVE debrief
CVE-2026-49083 LatePoint CVE debrief
CVE-2026-49083 is a HIGH severity vulnerability (CVSS Score: 7.5) in the LatePoint plugin versions <= 5.5.1. This vulnerability allows for contributor privilege escalation. The CVE was published on 2026-06-15T21:17:20.150Z and last modified on 2026-06-15T21:24:32.790Z.
- Vendor
- LatePoint
- Product
- Unknown
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of LatePoint plugin versions <= 5.5.1 should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability has a CVSS vector of CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H and is classified under CWE-266. It was reported by [email protected].
Defensive priority
HIGH
Recommended defensive actions
- Update LatePoint plugin to a version greater than 5.5.1.
- Refer to [ref-4](https://patchstack.com/database/wordpress/plugin/latepoint/vulnerability/wordpress-latepoint-plugin-5-5-1-privilege-escalation-vulnerability?_s_id=cve) for mitigation or vendor reference.
Evidence notes
The vendor and product information is currently unknown, but there is evidence from Patchstack that suggests the vulnerability is in the LatePoint plugin.
Official resources
-
CVE-2026-49083 CVE record
CVE.org
-
CVE-2026-49083 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2026-49083 was published on 2026-06-15T21:17:20.150Z and last modified on 2026-06-15T21:24:32.790Z.