CVE-2026-24611 is a critical vulnerability in the MetForm Pro plugin for WordPress, affecting versions up to and including 3.9.1. The vulnerability is caused by unauthenticated broken access control, which could allow attackers to access sensitive information or perform unauthorized actions. With a CVSS score of 9.1, this vulnerability is considered critical and requires immediate attention. Users of the [truncated]
On June 17, 2026, a medium-severity vulnerability (CVSS score of 4.3) was disclosed in the MetForm Pro plugin, affecting versions up to 3.9.1. This vulnerability allows subscribers to bypass access controls, potentially leading to unauthorized actions. The issue was reported by Patchstack and is tracked as CVE-2026-24610. Users of the affected plugin should take immediate action to mitigate potential risk [truncated]
CVE-2026-54197 is a MEDIUM severity vulnerability (CVSS score: 6.5) affecting GetGenie plugin versions <= 4.4.1. This vulnerability allows unauthenticated sensitive data exposure. The CVE was published and modified on 2026-06-16T10:16:28.607Z. The vendor and product information is currently unknown, but evidence suggests a connection to Patchstack. A mitigation or vendor reference is available [ref-4].
CVE-2026-49053 is a Missing Authorization vulnerability in the ElementsKit Elementor addons Lite WordPress plugin, affecting versions up to and including 3.9.6. The vulnerability allows exploitation of incorrectly configured access control security levels, potentially enabling unauthorized access to functionality that should be restricted. The issue was published to the CVE List on May 27, 2026, and carri [truncated]
A Missing Authorization vulnerability in the ElementsKit Elementor addons Lite WordPress plugin allows authenticated users with low privileges to exploit incorrectly configured access control security levels. The vulnerability affects versions up to and including 3.9.6. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) indicates network attack vector, low attack complexity, low privileges required [truncated]