MEDIUM
clorith
CVE published 2026-05-27
CVE-2026-3279
The Enable jQuery Migrate Helper plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `downgrade_jquery_version()` function in all versions up to, and including, 1.4.1. The function only verifies a nonce without checking user capabilities, allowing authenticated attackers with Subscriber-level access and above to downgrade the site-wide jQuery ve [truncated]