CVE Catalog

CVE-2026-49043

MediumCVSS 4.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

There is an unauthenticated Cross Site Request Forgery (CSRF) vulnerability in WP Migrate Lite versions <= 2.7.8. An attacker can exploit this flaw to perform unauthorized actions on behalf of the user.

Risk Assessment

Organizations using the vulnerable version of WP Migrate Lite may be exposed to unauthorized operations, potentially leading to data loss or system integrity breaches.

Recommendation

It is recommended to update WP Migrate Lite to the latest version to mitigate this vulnerability and implement additional security measures against CSRF attacks.

Original NVD description (English source)

Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS