PatchSiren cyber security CVE debrief
CVE-2026-1946 nandhiniwp CVE debrief
The GW AI Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gwaiwebu_gravitywrite_disconnect_handler() function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disconnect the plugin from GravityWrite via the 'gwaiwebu_gravitywrite_disconnect' AJAX action. The vulnerability has a CVSS score of 4.3 and a severity of MEDIUM. Users of the GW AI Website Builder plugin for WordPress should be aware of this vulnerability and take steps to protect their sites.
- Vendor
- nandhiniwp
- Product
- GW AI Website Builder
- CVSS
- MEDIUM 4.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-10
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-10
- Advisory updated
- 2026-07-10
Who should care
Users of the GW AI Website Builder plugin for WordPress, particularly those with Subscriber-level access and above, should be aware of this vulnerability and take steps to protect their sites. Affected operator, platform, vulnerability-management, and security-team impact should be reviewed.
Technical summary
The GW AI Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gwaiwebu_gravitywrite_disconnect_handler() function. This allows authenticated attackers with Subscriber-level access and above to disconnect the plugin from GravityWrite via the 'gwaiwebu_gravitywrite_disconnect' AJAX action. Affected product deployments should be reviewed for exposure.
Defensive priority
Medium priority should be given to updating the GW AI Website Builder plugin to a version that includes a capability check for the gwaiwebu_gravitywrite_disconnect_handler() function.
Recommended defensive actions
- Update the GW AI Website Builder plugin to the latest version.
- Restrict access to the 'gwaiwebu_gravitywrite_disconnect' AJAX action.
- Monitor for suspicious activity related to the plugin.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
Evidence notes
The CVE record was published on 2026-07-10T09:16:53.540Z and was last modified on 2026-07-10T15:43:30.330Z. The NVD entry is currently Deferred. The GW AI Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gwaiwebu_gravitywrite_disconnect_handler() function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disconnect the plugin from GravityWrite via the 'gwaiwebu_gravitywrite_disconnect' AJAX action. Evidence limits suggest verifying plugin versions and access controls.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T09:16:53.540Z and has not been modified since then. The NVD entry is currently Deferred.