NewsSecurity Vulnerabilities

WordPress Modular DS Plugin 2.5.2 is vulnerable to a high priority Privilege Escalation (CVE-2026-23800)

CVE number = CVE-2026-23800

This could allow a malicious actor to escalate their low privileged account to something with higher privileges.

After this they could take full control of the website if high privileges are gained.

Patchstack has issued a mitigation rule to block any attacks until you have updated to a fixed version.

Update to version 2.6.0 or later to resolve the vulnerability. 

Patchstack users can turn on auto-update for vulnerable plugins only.

Further details – https://patchstack.com/database/wordpress/plugin/modular-connector/vulnerability/wordpress-modular-ds-plugin-2-5-2-privilege-escalation-vulnerability?_s_id=cve

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.