CVE Catalog

CVE-2026-39527

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile — higher than 21% of all known CVEs

Summary

WpStream versions below 4.11.2 have a vulnerability allowing subscribers to upload arbitrary files.

Risk Assessment

This vulnerability may lead to unauthorized access to the system and potential introduction of malicious software.

Recommendation

It is recommended to update WpStream to version 4.11.2 or newer to mitigate this vulnerability.

Original NVD description (English source)

Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS