CVE-2026-57692
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk21th percentile — higher than 21% of all known CVEs
Summary
The PrivateContent WordPress plugin contains an incorrect privilege assignment vulnerability that allows privilege escalation. This issue affects versions from n/a through 9.9.2.
Risk Assessment
An attacker can exploit this vulnerability to gain elevated privileges within the system, potentially leading to unauthorized access to sensitive data or full site compromise.
Recommendation
Immediately update the PrivateContent plugin to the latest available version that fixes this vulnerability. Also review the plugin's privilege configuration.
Original NVD description (English source)
Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2.

