MEDIUM
devozon
CVE published 2026-07-17
CVE-2026-8616
The Fense Proxy & VPN Blocker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce validation on the fense_bpvt_save_settings() function in versions up to, and including, 3.0.1. This vulnerability allows unauthenticated attackers to delete plugin options and transients, effectively resetting the plugin's API key/data cache and forcing [truncated]