CRITICAL
LoginPress
CVE published 2026-06-17
CVE-2026-49058
A critical vulnerability, CVE-2026-49058, was found in the LoginPress Pro plugin (versions <= 6.2.2). This vulnerability allows for unauthenticated privilege escalation, posing a significant risk to WordPress installations using the affected plugin. The CVSS score of 9.8 indicates a high severity level. Users of the LoginPress Pro plugin should take immediate action to mitigate this vulnerability.