MEDIUM
WpMobi
CVE published 2026-06-09
CVE-2026-8909
CVE-2026-8909 is a Cross-Site Request Forgery (CSRF) vulnerability in the WpMobi plugin for WordPress. The vulnerability affects all versions up to and including 0.0.3. An attacker can exploit this vulnerability by tricking an administrator into performing an action such as clicking on a link, allowing the attacker to modify the plugin's General Settings and inject arbitrary web scripts into the administr [truncated]