GHSA-4vqg-xgxp-xqghMediumCVSS 4.3
The Generate Security.txt plugin for WordPress is vulnerable to authorization bypass in all...
🔗 CVE IDs covered (1)
📋 Description
The Generate Security.txt plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.12. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete the site's security.txt file from the server filesystem or create the .well-known directory by directly invoking the delete_securitytxt or create_wellknown_folder AJAX actions.
🔗 References (9)
- https://nvd.nist.gov/vuln/detail/CVE-2026-9616
- https://plugins.trac.wordpress.org/browser/generate-security-txt/tags/1.0.11/admin/class-generate-security-txt-admin.php#L174
- https://plugins.trac.wordpress.org/browser/generate-security-txt/tags/1.0.11/admin/class-generate-security-txt-admin.php#L1930
- https://plugins.trac.wordpress.org/browser/generate-security-txt/tags/1.0.11/admin/class-generate-security-txt-admin.php#L1963
- https://plugins.trac.wordpress.org/browser/generate-security-txt/tags/1.0.12/admin/class-generate-security-txt-admin.php#L174
- https://plugins.trac.wordpress.org/browser/generate-security-txt/tags/1.0.12/admin/class-generate-security-txt-admin.php#L1930
- https://plugins.trac.wordpress.org/browser/generate-security-txt/tags/1.0.12/admin/class-generate-security-txt-admin.php#L1963
- https://www.wordfence.com/threat-intel/vulnerabilities/id/b8d88cc2-91e4-4e53-8c46-93d6ce8bc320?source=cve
- https://github.com/advisories/GHSA-4vqg-xgxp-xqgh