CVE Catalog

CVE-2026-56030

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

25th percentile — higher than 25% of all known CVEs

Summary

A vulnerability in the Paytium plugin versions up to 5.0.2 allows an unauthenticated attacker to escalate privileges. This means a person without a valid account can gain higher privileges in the system.

Risk Assessment

The risk is that an unauthenticated attacker can take over an administrator account or gain access to sensitive functions, potentially leading to full compromise of the WordPress site.

Recommendation

It is recommended to immediately update the Paytium plugin to version 5.0.3 or later, which includes a fix for this vulnerability.

Original NVD description (English source)

Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS