WordPress Modular DS Plugin 2.5.2 is vulnerable to a high priority Privilege Escalation (CVE-2026-23800)
CVE number = CVE-2026-23800
This could allow a malicious actor to escalate their low privileged account to something with higher privileges.
After this they could take full control of the website if high privileges are gained.
Patchstack has issued a mitigation rule to block any attacks until you have updated to a fixed version.
Update to version 2.6.0 or later to resolve the vulnerability.
Patchstack users can turn on auto-update for vulnerable plugins only.
Further details – https://patchstack.com/database/wordpress/plugin/modular-connector/vulnerability/wordpress-modular-ds-plugin-2-5-2-privilege-escalation-vulnerability?_s_id=cve

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.
