PatchSiren

joeyoungblood CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH joeyoungblood CVE published 2026-07-10

CVE-2026-15293

The WP Business Intelligence Lite plugin for WordPress has an authorization bypass vulnerability in all versions up to and including 3.2.0. This vulnerability allows authenticated attackers with Subscriber-level access and above to modify stored SQL queries. When these modified queries are viewed by an administrator, it can lead to privilege escalation via arbitrary SQL execution.