PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-6440 sovlix CVE debrief

The GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.1.8. This is due to a missing nonce verification in the reset_credential() function, which handles the wp_ajax_goodmeet_reset_google_meet_credential AJAX action. While the function does verify the user's capability (manage_options), it does not validate a nonce, making it susceptible to CSRF attacks.

Vendor
sovlix
Product
GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference
CVSS
MEDIUM 4.3
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-10
Original CVE updated
2026-07-10
Advisory published
2026-07-10
Advisory updated
2026-07-10

Who should care

Users of the GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin for WordPress, particularly those with version 1.1.8 or earlier installed, should be aware of this vulnerability and take steps to mitigate it.

Technical summary

The GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) due to a missing nonce verification in the reset_credential() function. This function handles the wp_ajax_goodmeet_reset_google_meet_credential AJAX action and only verifies the user's capability (manage_options), but not a nonce. This makes it possible for unauthenticated attackers to trick a site administrator into clicking a malicious link that will reset (delete) the plugin's stored Google Meet API credentials (goodmeet_google_credentials) and OAuth tokens (goodmeet_google_token), effectively disabling the Google Meet integration on the site.

Defensive priority

Medium priority should be given to updating the GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin to a version that fixes this vulnerability.

Recommended defensive actions

  • Update the GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin to a version that fixes this vulnerability.
  • Implement additional security measures such as validating nonces for AJAX actions.
  • Monitor for suspicious activity related to the plugin's functionality.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The vulnerability was reported by [email protected] and is publicly disclosed in the CVE-2026-6440 record. Evidence is limited to reporter claims and CVE details. Defenders should verify the plugin version and check for updates. The GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin for WordPress stores Google Meet API credentials (goodmeet_google_credentials) and OAuth tokens (goodmeet_google_token) which could be reset by exploiting this vulnerability.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T09:16:53.820Z and has not been modified since then.