anonhaven
Ad

CVE-2026-3881

NONE
Updated Mar 31, 2026
WordPress
Parameter Value
Vendor WordPress
Public PoC No

The Performance Monitor WordPress plugin through 1.0.6 does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attacks

References 1

https://wpscan.com/vulnerability/4b30421e-9848-45ce-87ab-0229d9d7df01/
contact@wpscan.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-4267

WordPress

7.2

CVE-2026-3191

WordPress

5.4

CVE-2026-3139

WordPress

4.3

CVE-2026-1877

WordPress

6.1

CVE-2026-1834

WordPress

6.4