CVE Catalog

CVE-2026-56038

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

14th percentile — higher than 14% of all known CVEs

Summary

Privilege escalation vulnerability in Frisbii Pay plugin for WordPress versions up to 1.8.2 allows contributors to gain unauthorized administrative access.

Risk Assessment

The risk involves potential takeover of the website by low-privileged users, leading to content modification, malware installation, or data theft.

Recommendation

Immediately update Frisbii Pay plugin to version 1.8.3 or later. If no update is available, temporarily disable the plugin until a patch is released.

Original NVD description (English source)

Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS