Modular DS WordPress plugin unauthenticated privilege escalation (CVE-2026-23550)

Vulnerability
Happening score: 45
2 unique sources, 2 articles

Summary

Active exploitation of CVE-2026-23550 in the Modular DS WordPress plugin puts all versions through 2.5.1 at risk of unauthenticated privilege escalation. The flaw can give attackers administrator access and lead to full site compromise, while 2.5.2 fixes the issue. Exploitation was observed in the wild on January 13, 2026 using /api/modular-connector/login/ to try to create an admin user.

Related Happenings

Funnel Builder plugin WordPress arbitrary JavaScript injection actively exploited security flaw

Vulnerability
First: 16.05.2026 18:20 Last: 16.05.2026 18:20 Sources 1

About this happening: **Funnel Builder** for **WordPress** is under **active exploitation** for arbitrary JavaScript injection into **WooCommerce checkout pages**, creating payment-skimming risk across...

WordPress.org closes compromised EssentialPlugin plugins with forced update

Security Tool/Service
First: 15.04.2026 23:33 Last: 15.04.2026 23:33 Sources 1

About this happening: **WordPress.org** closed the compromised **EssentialPlugin** plugins and forced an update, changing how affected sites received and ran the package. The move mattered because the...

OpenClaw ClawJacked localhost WebSocket brute-force security flaw

Vulnerability
First: 01.03.2026 23:44 Last: 01.03.2026 23:44 Sources 1

About this happening: **OpenClaw**’s **ClawJacked** vulnerability allowed a **malicious website** to brute-force a **localhost WebSocket** connection and take control of a local instance, putting **ses...

Quiz and Survey Master SQL injection mitigation (CVE-2025-67987)

Advisory/Mitigation
First: 03.02.2026 18:15 Last: 03.02.2026 18:15 Sources 1

About this happening: **Patchstack** published mitigation guidance for **CVE-2025-67987**, directing administrators to update **Quiz and Survey Master** to **version 10.3.2** to close a **SQL injection...

Service Finder WordPress theme active auth bypass exploitation wave (CVE-2025-5947)

Exploitation Wave
First: 08.10.2025 18:57 Last: 08.10.2025 18:57 Sources 1

About this happening: **CVE-2025-5947** is being exploited at scale against the **Service Finder WordPress theme**, with attackers using an authentication bypass to log in as administrators and take ov...

Timeline

  1. 15.01.2026 22:49 · 1 article

    Modular DS releases version 2.5.2 fix for CVE-2026-23550

    Mitigation Patch Update

    Modular DS released version 2.5.2 to fix CVE-2026-23550 after Patchstack confirmed the flaw and contacted the vendor. The update removed URL-based route matching, drove routing entirely through validated filter logic, added a default 404 route, and made unrecognized requests fail safely.

  2. 15.01.2026 17:31 · 1 article

    Modular DS WordPress plugin unauthenticated privilege escalation (CVE-2026-23550)

    Initial Disclosure

    By **January 13, 2026**, attackers were sending **GET** requests to **/api/modular-connector/login/** to try to create admin users through **CVE-2026-23550**. The flaw stems from a bypass of the plugin's authentication routing and can turn a low-friction request into **administrator access**.

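
A defender-side check for the request pattern described in the timeline, as an added example that is not part of the original report: it scans web server access logs in Combined Log Format for requests to the plugin's login route and groups them by client. The function names, the path normalization and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Route named in the report as the target of the observed requests.
TARGET = "/api/modular-connector/login"

# Combined Log Format: client, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+)[^"]*" (?P<status>\d{3}) '
)

def normalize_path(uri):
    """Drop the query string, percent-decode, lower-case and collapse
    repeated slashes so trivial spelling variants still match."""
    path = unquote(uri.split("?", 1)[0]).lower()
    return re.sub(r"/+", "/", path)

def find_hits(lines):
    """Return {client: [(timestamp, method, status), ...]} for requests
    whose path contains TARGET as whole segments (also under a subdirectory)."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a Combined Log Format line
        if TARGET + "/" in normalize_path(m["uri"]) + "/":
            # The report mentions GET; every method is recorded for review.
            hits[m["client"]].append((m["ts"], m["method"], int(m["status"])))
    return dict(hits)

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [13/Jan/2026:04:12:09 +0000] "GET /api/modular-connector/login/ HTTP/1.1" 302 0 "-" "-"',
    '203.0.113.7 - - [13/Jan/2026:04:12:11 +0000] "GET //API/modular%2Dconnector//login HTTP/1.1" 404 153 "-" "-"',
    '198.51.100.20 - - [13/Jan/2026:04:30:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4821 "-" "-"',
    '192.0.2.55 - - [13/Jan/2026:05:40:31 +0000] "GET /blog/api/modular-connector/login/?placeholder=1 HTTP/1.1" 200 12 "-" "-"',
    'truncated or malformed line',
]

if __name__ == "__main__":
    for client, events in find_hits(SAMPLE).items():
        for ts, method, status in events:
            print(f"{client}  {ts}  {method}  status={status}")
```

Any client reported here on a site that ran version 2.5.1 or earlier is a reason to review the site's administrator accounts for entries nobody on the team created.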