CVE Catalog
CVE-2026-54833
HighCVSS 7.4Summary
The Enable CORS plugin versions up to 2.0.3 contain an unauthenticated backdoor that can be exploited by an unauthorized attacker.
Risk Assessment
An unauthenticated attacker can gain unauthorized access to the system, potentially leading to full compromise of the WordPress site.
Recommendation
Immediately update the Enable CORS plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Unauthenticated Backdoor in Enable CORS <= 2.0.3 versions.

