CVE-2026-14482
Last modified
CVE-2026-14482 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. The vulnerability exists due to a missing capability and nonce check on a directly web-accessible API endpoint, combined with a trivially forgeable HMAC-SHA1 signature keyed on an always-empty WordPress option, which allows the endpoint's `update_option` handler to pass attacker-controlled `option` and `value` parameters directly to WordPress's `update_option` function without any allowlist or sanitization. EPSS estimates a 0.32% chance of exploitation in the next 30 days.
Description
The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. The vulnerability exists due to a missing capability and nonce check on a directly web-accessible API endpoint, combined with a trivially forgeable HMAC-SHA1 signature keyed on an always-empty WordPress option, which allows the endpoint's `update_option` handler to pass attacker-controlled `option` and `value` parameters directly to WordPress's `update_option` function without any allowlist or sanitization. This makes it possible for unauthenticated attackers to update arbitrary WordPress options — such as setting `default_role` to `administrator` and enabling open registration — and subsequently register an account with full administrator privileges.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| shen2 | 多说社会化评论框 | <= 1.2 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14482?
How severe is CVE-2026-14482?
How do I fix CVE-2026-14482?
Related CVEs from 2026
- CVE-2026-1447The Mail Mint plugin for WordPress is vulnerable to Cross-Si…5.4
- CVE-2026-14471Improper Neutralization of Special Elements in the metrics-s…8.6
- CVE-2026-14474A flaw was found in SSSD's LDAP sudo provider. When the ldap…8.8
- CVE-2026-14475The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plug…4.9
- CVE-2026-14476A path traversal flaw was found in SSSD's AD GPO provider. T…8
- CVE-2026-1448A vulnerability was detected in D-Link DIR-615 up to 4.10. T…7.3
- CVE-2026-14487The Simple Coherent Form plugin for WordPress is vulnerable …9.1
- CVE-2026-14489The WHMCS Bridge plugin for WordPress is vulnerable to arbit…8.8
- CVE-2026-1449A flaw has been found in Hisense TransTech Smart Bus Managem…7.3
- CVE-2026-14495The DoLogin Security plugin for WordPress is vulnerable to A…8.8
- CVE-2026-1450The rognone plugin for WordPress is vulnerable to Reflected …6.1
- CVE-2026-14500The Bulk Order Update for WooCommerce plugin for WordPress i…5.3
Are you affected by CVE-2026-14482?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
