CVE-2026-2023

Severity: MEDIUM (CVSS v3.1 base score 4.3)
Weakness: CWE-352 (Cross-Site Request Forgery)
Published: February 18, 2026 · Updated: Feb 18, 2026
EPSS: 0.01% probability of exploitation in the next 30 days (2.1st percentile)

Official Description

The WP Plugin Info Card plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0. This is due to missing nonce validation in the ajax_save_custom_plugin() function, which is disabled by prefixing the check with 'false &&'. This makes it possible for unauthenticated attackers to create or modify custom plugin entries via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Source: NVD

Technical Analysis

CVE-2026-2023 is exploitable over the network (AV:N): the attacker needs no physical or adjacent access, only a way to get a crafted request in front of the victim's browser. Attack complexity is Low (AC:L): no race condition, special configuration or other precondition is involved.

No privileges are required of the attacker (PR:N), but user interaction is Required (UI:R). This is classic CSRF: the forged request is issued by the browser of a site administrator who is already logged in and is lured into visiting an attacker-controlled page or clicking a link, so the attacker never needs credentials of their own. That dependency on an authenticated victim rules out blind mass exploitation, and it is why the impact is rated as a Low loss of integrity only (custom plugin entries can be created or modified) with no confidentiality or availability impact. The root cause, per the description, is that the nonce check in ajax_save_custom_plugin() is short-circuited with 'false &&', so WordPress's standard CSRF defence for that handler is dead code in every version up to and including 6.2.0.
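To make the root cause concrete, the following is an added illustration, not the plugin's actual code: a WordPress AJAX handler whose nonce check is short-circuited with 'false &&' in the way the description reports, beside the shape such a handler should have. The function, action, nonce and option names are assumptions chosen for the example; only the 'false &&' pattern and the function's purpose come from the page.

```php
<?php
/*
 * Illustrative reconstruction of the flaw described for CVE-2026-2023.
 * Assumed names: wppic_custom_plugin (nonce action), 'nonce' (POST field),
 * wppic_custom_plugins (option). None of these are taken from the plugin.
 */

// --- Vulnerable shape: `false && X` is always false, so the branch never runs ---
function vulnerable_ajax_save_custom_plugin() {
    if ( false && ! check_ajax_referer( 'wppic_custom_plugin', 'nonce', false ) ) {
        wp_send_json_error( 'Bad nonce', 403 ); // dead code: CSRF protection disabled
    }
    // ...the entry is saved from $_POST with no proof the admin intended this request...
}

// --- Hardened shape: capability check and nonce check, both unconditional ---
function hardened_ajax_save_custom_plugin() {
    // 1. Authorisation: is this user allowed to manage plugin entries at all?
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'Insufficient permissions', 403 ); // wp_send_json_error() exits
    }

    // 2. CSRF: did the request originate from our own admin page?
    //    Third argument false makes check_ajax_referer() return false instead of
    //    dying, so the handler controls the error response.
    if ( ! check_ajax_referer( 'wppic_custom_plugin', 'nonce', false ) ) {
        wp_send_json_error( 'Invalid or expired nonce', 403 );
    }

    // 3. Only now touch state, and sanitize every field that is stored.
    $slug = isset( $_POST['slug'] ) ? sanitize_key( wp_unslash( $_POST['slug'] ) ) : '';
    $name = isset( $_POST['name'] ) ? sanitize_text_field( wp_unslash( $_POST['name'] ) ) : '';
    if ( '' === $slug || '' === $name ) {
        wp_send_json_error( 'Missing fields', 400 );
    }

    $entries          = get_option( 'wppic_custom_plugins', array() );
    $entries[ $slug ] = array( 'name' => $name );
    update_option( 'wppic_custom_plugins', $entries );

    wp_send_json_success( array( 'slug' => $slug ) );
}
// Hooked without a wp_ajax_nopriv_ twin, so anonymous requests never reach it.
add_action( 'wp_ajax_hardened_save_custom_plugin', 'hardened_ajax_save_custom_plugin' );

// The admin page that issues the request must carry the matching nonce, e.g.:
// wp_localize_script( 'wppic-admin', 'wppicAjax', array(
//     'url'   => admin_url( 'admin-ajax.php' ),
//     'nonce' => wp_create_nonce( 'wppic_custom_plugin' ),
// ) );
```

The nonce is bound to the logged-in user and to a time window, so a third-party page cannot obtain or guess it; that is the whole of the CSRF defence, and it is exactly what the 'false &&' prefix removes. The capability check is kept separate on purpose: a nonce proves intent, not authority.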

CVSS v3.1 Vector Breakdown

Exploitability
  Attack Vector (AV):        Network
  Attack Complexity (AC):    Low
  Privileges Required (PR):  None
  User Interaction (UI):     Required
  Scope (S):                 Unchanged
Impact
  Confidentiality (C):       None
  Integrity (I):             Low
  Availability (A):          None

Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Vendors & Products

Mentioned vendors (from description): WordPress
Affected product: WP Plugin Info Card plugin for WordPress, all versions up to and including 6.2.0. WordPress core is the platform, not the vulnerable component.
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

No known exploit: no public exploit confirmed at this time.

News & Research (identifier-prefix matches)

Note: the items below were matched on the identifier prefix. Each concerns CVE-2026-20230, a Cisco Unified Communications Manager flaw, and none mentions the WordPress plugin CSRF tracked as CVE-2026-2023.

CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Alerts· Jun 25, 2026

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
  • CVE-2026-12569 PTC Windchill and FlexPLM Improper Input Validation Vulnerability
  • CVE-2026-20230 Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk establishes vulnerability management requirements for Federal Civilian Executive Branch (FCEB) agencies. BOD 26-04 reinforces the importance of the KEV Catalog and requires federal agencies to prioritize rapid remedi

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
The Hacker News· Jun 24, 2026

Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). The vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a case of improper input validation for specific HTTP requests that could allow an unauthenticated, remote

Hackers Exploiting Cisco Unified CM Vulnerability
SecurityWeek· Jun 24, 2026

Cisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June. The post Hackers Exploiting Cisco Unified CM Vulnerability appeared first on SecurityWeek.

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks
BleepingComputer· Jun 23, 2026

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. [...]

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
The Hacker News· Jun 4, 2026

Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco's PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens that runway. The flaw is a server-side request forgery.


Quick Facts

CVE ID:       CVE-2026-2023
CVSS Score:   4.3 / 10
Severity:     MEDIUM
Weakness:     CWE-352
CISA KEV:     No
EPSS (30d):   0.01%
Published:    Feb 18, 2026


Recommended Actions

  • Update WP Plugin Info Card to a release newer than 6.2.0; every version up to and including 6.2.0 carries the disabled nonce check.
  • Until the update is applied, treat any logged-in administrator session as something a third-party page can drive: avoid browsing untrusted sites while logged in to wp-admin, and review the plugin's custom plugin entries for additions or changes nobody made intentionally.
  • Do not rely on network IDS/IPS signatures to catch exploitation: the forged request comes from the administrator's own browser and looks like ordinary traffic to the plugin's AJAX handler (WordPress routes wp_ajax_ actions through admin-ajax.php). More useful telemetry is a Referer or Origin header on those POSTs that does not match the site, and unexplained changes to the plugin's stored custom plugin entries.
  • Track CVE-2026-2023 in threat-intel feeds for any change in EPSS or KEV status (currently 0.01% and not in KEV).
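Reviewing the installed plugin's entries tells you whether the flaw was used; the added audit below (not part of this page or of the plugin) helps check whether the same pattern exists elsewhere in a site's plugin tree. It walks a wp-content/plugins directory and flags admin-ajax handlers registered with add_action('wp_ajax_…') whose callback contains no nonce verification call, or whose check is guarded by 'false &&' as the description reports for ajax_save_custom_plugin(). It is regex-based and ignores braces inside strings and comments, so its output is a list of leads for manual review, not proof. The file path used in the usage comment is an assumption.

```php
<?php
/*
 * Added audit helper, not from the page or the plugin.
 * Usage (path is an example):  php ajax_nonce_audit.php /var/www/html/wp-content/plugins
 */

// Collect every .php file under $root.
function php_files( string $root ): array {
    $out = array();
    $it  = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator( $root, FilesystemIterator::SKIP_DOTS )
    );
    foreach ( $it as $f ) {
        if ( $f->isFile() && strtolower( $f->getExtension() ) === 'php' ) {
            $out[] = $f->getPathname();
        }
    }
    return $out;
}

// Return the body of `function $name(...) { ... }` by counting braces from its
// declaration, or null if no such declaration exists in $src.
function function_body( string $src, string $name ): ?string {
    $decl = '/function\s+' . preg_quote( $name, '/' ) . '\s*\([^)]*\)\s*(?::\s*[\w|?\\\\]+\s*)?\{/';
    if ( ! preg_match( $decl, $src, $m, PREG_OFFSET_CAPTURE ) ) {
        return null;
    }
    $i     = $m[0][1] + strlen( $m[0][0] ); // index just past the opening brace
    $start = $i;
    $depth = 1;
    $len   = strlen( $src );
    for ( ; $i < $len && $depth > 0; $i++ ) {
        if ( '{' === $src[ $i ] ) {
            $depth++;
        } elseif ( '}' === $src[ $i ] ) {
            $depth--;
        }
    }
    return substr( $src, $start, $i - $start - 1 ); // exclude the closing brace
}

// Audit one file's source; returns human-readable findings.
function audit_source( string $src, string $file ): array {
    $findings = array();
    // add_action( 'wp_ajax_<action>', <callback> ) where <callback> is a quoted
    // string, an array(...)/[...] callable, or a closure.
    $hook_re = '/add_action\(\s*[\'"](wp_ajax(?:_nopriv)?_[\w-]+)[\'"]\s*,\s*'
             . '([\'"][\w:\\\\]+[\'"]|array\([^)]*\)|\[[^\]]*\]|function)/';
    preg_match_all( $hook_re, $src, $hooks, PREG_SET_ORDER );

    foreach ( $hooks as $h ) {
        $hook = $h[1];
        if ( "'" !== $h[2][0] && '"' !== $h[2][0] ) {
            $findings[] = "$file: $hook -> non-string callback, review manually";
            continue;
        }
        $cb = trim( $h[2], '\'"' );
        if ( false !== ( $p = strrpos( $cb, '::' ) ) ) {
            $cb = substr( $cb, $p + 2 );            // Class::method -> method
        }
        $cb = substr( strrchr( '\\' . $cb, '\\' ), 1 ); // \Ns\func -> func

        $body = function_body( $src, $cb );
        if ( null === $body ) {
            $findings[] = "$file: $hook -> callback $cb() not defined in this file";
            continue;
        }
        $has_nonce = preg_match( '/\b(check_ajax_referer|wp_verify_nonce|check_admin_referer)\s*\(/', $body );
        $disabled  = preg_match( '/\bfalse\s*&&/', $body );
        if ( $disabled ) {
            $findings[] = "$file: $hook -> $cb(): a check is short-circuited with 'false &&' (CWE-352 candidate)";
        } elseif ( ! $has_nonce ) {
            $findings[] = "$file: $hook -> $cb(): no nonce verification call found";
        }
    }
    return $findings;
}

if ( PHP_SAPI === 'cli' && isset( $argv[1] ) ) {
    foreach ( php_files( $argv[1] ) as $file ) {
        foreach ( audit_source( (string) file_get_contents( $file ), $file ) as $line ) {
            echo $line, "\n";
        }
    }
}
```

Callbacks defined in a different file from their add_action() call, or registered as arrays and closures, are reported as unresolved rather than guessed at; a wp_ajax_nopriv_ hook is listed the same way as a wp_ajax_ hook, since an unauthenticated handler that writes state deserves the same look.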
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.