Hello,

I’d like to report / follow up on a critical security vulnerability in the Read More & Accordion plugin (CVE-2026-7467, CVSS 8.8 High) that was recently disclosed by Wordfence Intelligence.

Vulnerability summary:

• Affected: all versions <= 3.5.7
• Type: Privilege Escalation (Improper Privilege Management)
• Publicly disclosed: May 19, 2026
• Patched: No known patch available

Technical details (from Wordfence):
The RadMoreAjax::importData function does not restrict which database tables can be written to during import and does not properly validate the imported data. This allows authenticated attackers (with permissions granted by the site owner through the plugin’s role settings) to insert arbitrary rows into the wp_users and wp_usermeta tables – including the wp_capabilities field – and create a new administrator account.

Impact for site owners:

• Complete site takeover
• Attacker gains full admin access
• Affects every site running this plugin

Wordfence’s recommendation: “No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.”

Questions:

1. Is a security patch currently being developed?
2. If yes, what is the expected release timeline?
3. If no, is the plugin being discontinued? In that case, is there a recommended migration path or alternative plugin?

Please advise on the next steps.

Best regards,
Dominik Kozmáli
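The defect class described in the post (an import handler that lets the uploaded file choose the destination table and does not validate rows) is illustrated below with an added PHP example. This is not code from the Read More & Accordion plugin and does not reproduce RadMoreAjax::importData; the function names `insecure_import` / `secure_import`, the table `accordion_items` and its columns are hypothetical. `$wpdb`, `current_user_can`, `WP_Error`, `absint` and `wp_kses_post` are standard WordPress APIs.

```php
<?php
// Added illustration (hypothetical names), not the plugin's own code.
// The weak pattern lets the import payload name any table; the
// hardened pattern restricts writes to an explicit allow-list of
// plugin-owned tables and columns and requires an admin capability.

// Weak pattern: the payload decides which table receives the rows.
function insecure_import( array $payload ) {
    global $wpdb;
    foreach ( $payload as $table => $rows ) {
        foreach ( $rows as $row ) {
            // Any table, any columns, no validation. A payload that names
            // "users" and "usermeta" can therefore create a privileged account.
            $wpdb->insert( $wpdb->prefix . $table, $row );
        }
    }
}

// Allow-list of importable tables -> ordered columns and $wpdb formats.
// Hypothetical schema for a plugin that stores accordion items.
function accordion_import_schema() {
    return array(
        'accordion_items' => array(
            'columns' => array( 'title', 'content', 'sort_order' ),
            'format'  => array( '%s', '%s', '%d' ),
        ),
    );
}

// Hardened pattern: fixed table allow-list, per-column validation,
// capability check on the caller. Returns true or a WP_Error.
function secure_import( array $payload ) {
    global $wpdb;

    // Importing data is an administrative operation; do not let it be
    // delegated to lower roles through plugin settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient privileges.' );
    }

    $schema = accordion_import_schema();

    foreach ( $payload as $table => $rows ) {
        if ( ! isset( $schema[ $table ] ) ) {
            // Unknown table (e.g. "users"): reject the whole import.
            return new WP_Error( 'bad_table', 'Table is not importable: ' . $table );
        }
        $columns = $schema[ $table ]['columns'];
        $format  = $schema[ $table ]['format'];

        foreach ( $rows as $row ) {
            if ( ! is_array( $row ) ) {
                return new WP_Error( 'bad_row', 'Row is not an object.' );
            }
            // Rebuild the row from the schema so that keys not in the
            // allow-list never reach the database.
            $clean = array();
            foreach ( $columns as $col ) {
                if ( ! array_key_exists( $col, $row ) ) {
                    return new WP_Error( 'bad_row', 'Missing column: ' . $col );
                }
                $clean[ $col ] = ( 'sort_order' === $col )
                    ? absint( $row[ $col ] )
                    : wp_kses_post( (string) $row[ $col ] );
            }
            // $clean is built in schema order, so $format lines up with it
            // and the insert stays parameterised.
            if ( false === $wpdb->insert( $wpdb->prefix . $table, $clean, $format ) ) {
                return new WP_Error( 'db_error', 'Insert failed for table ' . $table );
            }
        }
    }
    return true;
}
```

The point of the hardened version is that the set of writable tables is a constant in code rather than a value taken from the import file, and that each row is rebuilt from the schema rather than passed through; an import payload naming `users` or `usermeta` is rejected before any query runs.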
