CVE Catalog
CVE-2026-39527
MediumCVSS 5.4Exploitation Probability (EPSS)
Low risk0.29%
21th percentile — higher than 21% of all known CVEs
Summary
WpStream versions below 4.11.2 have a vulnerability allowing subscribers to upload arbitrary files.
Risk Assessment
This vulnerability may lead to unauthorized access to the system and potential introduction of malicious software.
Recommendation
It is recommended to update WpStream to version 4.11.2 or newer to mitigate this vulnerability.
Original NVD description (English source)
Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions.

