CVE Catalog

CVE-2026-57692

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile — higher than 21% of all known CVEs

Summary

The PrivateContent WordPress plugin contains an incorrect privilege assignment vulnerability that allows privilege escalation. This issue affects versions from n/a through 9.9.2.

Risk Assessment

An attacker can exploit this vulnerability to gain elevated privileges within the system, potentially leading to unauthorized access to sensitive data or full site compromise.

Recommendation

Immediately update the PrivateContent plugin to the latest available version that fixes this vulnerability. Also review the plugin's privilege configuration.

Original NVD description (English source)

Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS