{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1925", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-02-04T19:32:44.061Z", "datePublished": "2026-02-18T04:35:46.791Z", "dateUpdated": "2026-04-08T17:32:23.607Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:32:23.607Z"}, "affected": [{"vendor": "roxnor", "product": "EmailKit \u2013 Email Customizer for WooCommerce & WP", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The EmailKit \u2013 Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the 'update_template_data' function in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the title of any post on the site, including posts, pages, and custom post types."}], "title": "EmailKit \u2013 Email Customizer for WooCommerce & WP <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Title Modification", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f131ea1e-d652-4854-abea-6a307ca8118f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/emailkit/tags/1.6.2/includes/Admin/EmailKitAjax.php#L150"}, {"url": "https://plugins.trac.wordpress.org/browser/emailkit/trunk/includes/Admin/EmailKitAjax.php#L150"}, {"url": "https://plugins.trac.wordpress.org/changeset/3456972/emailkit/trunk?contextall=1&old=3419280&old_path=%2Femailkit%2Ftrunk#file1"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Chiao-Lin Yu"}], "timeline": [{"time": "2026-02-04T19:47:56.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-02-17T16:26:56.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-18T12:25:26.584540Z", "id": "CVE-2026-1925", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T12:53:36.600Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1925", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-18T12:25:26.584540Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T12:25:27.308Z"}}], "cna": {"title": "EmailKit \u2013 Email Customizer for WooCommerce & WP <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Title Modification", "credits": [{"lang": "en", "type": "finder", "value": "Chiao-Lin Yu"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "roxnor", "product": "EmailKit \u2013 Email Customizer for WooCommerce & WP", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.6.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-04T19:47:56.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-02-17T16:26:56.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f131ea1e-d652-4854-abea-6a307ca8118f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/emailkit/tags/1.6.2/includes/Admin/EmailKitAjax.php#L150"}, {"url": "https://plugins.trac.wordpress.org/browser/emailkit/trunk/includes/Admin/EmailKitAjax.php#L150"}, {"url": "https://plugins.trac.wordpress.org/changeset/3456972/emailkit/trunk?contextall=1&old=3419280&old_path=%2Femailkit%2Ftrunk#file1"}], "descriptions": [{"lang": "en", "value": "The EmailKit \u2013 Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the 'update_template_data' function in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the title of any post on the site, including posts, pages, and custom post types."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:32:23.607Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1925", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:32:23.607Z", "dateReserved": "2026-02-04T19:32:44.061Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-18T04:35:46.791Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The EmailKit \u2013 Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the 'update_template_data' function in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the title of any post on the site, including posts, pages, and custom post types."}, {"lang": "es", "value": "El plugin EmailKit \u2013 Email Customizer para WooCommerce &amp; WP para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n update_template_data en todas las versiones hasta la 1.6.2, inclusive. Esto hace posible que atacantes autenticados, con acceso de nivel Suscriptor y superior, modifiquen el t\u00edtulo de cualquier entrada en el sitio, incluyendo entradas, p\u00e1ginas y tipos de entrada personalizados."}], "id": "CVE-2026-1925", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-18T05:16:28.803", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/emailkit/tags/1.6.2/includes/Admin/EmailKitAjax.php#L150"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/emailkit/trunk/includes/Admin/EmailKitAjax.php#L150"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3456972/emailkit/trunk?contextall=1&old=3419280&old_path=%2Femailkit%2Ftrunk#file1"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f131ea1e-d652-4854-abea-6a307ca8118f?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.6.2]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "EmailKit \u2013 Email Customizer for WooCommerce & WP", "source": "cna", "vendor": "roxnor"}, "product": "emailkit_\u2013_email_customizer_for_woocommerce_&_wp", "vendor": "roxnor"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 70.0, "confidence_source": "inferred", "scores": [{"score": 70.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-15T17:07:59.150653+00:00", "value": {"mitigation_remediation": ["Upgrade the EmailKit \u2013 Email Customizer for WooCommerce & WP plugin to a version newer than 1.6.2 that implements proper capability checks.", "If an immediate plugin update is not possible, restrict or remove the Subscriber role\u2019s capability to manage posts or to invoke the update_template_data endpoint via custom code or a security plugin.", "Consider restricting access to the AJAX endpoint by adding authentication middleware or by hardening file permissions to prevent unauthorized access."], "summary": {"action": "Update Plugin", "impact": "Unauthorized Post Title Modification"}, "threat_synthesis": {"affected_systems": "The affected product is the EmailKit \u2013 Email Customizer for WooCommerce & WP plugin distributed by roxnor, impacting all WordPress installations that use this plugin up to and including version 1.6.2. WordPress sites employing WooCommerce or similar custom post type setups are within scope.", "description_and_impact": "The EmailKit \u2013 Email Customizer for WooCommerce & WP plugin contains a missing capability check in the update_template_data function, allowing authenticated users with Subscriber or higher access to change the title of any post on the site. This flaw permits arbitrary alteration of content titles, undermining the integrity of posts, pages, and custom post types. The vulnerability is classified as CWE-862, representing a failure to fully authorize data modification actions.", "risk_and_exploitability": "With a CVSS score of 4.3 and an EPSS score of less than 1%, the technical severity is moderate to low and the likelihood of exploitation is low. The flaw is not listed in the CISA KEV catalog. Attackers must be able to log in to the site with at least Subscriber privileges; once authenticated, they can invoke the vulnerable AJAX endpoint to modify post titles. No public exploit code is known, and the impact is confined to content integrity rather than full compromise."}}}}, "created": "2026-02-18T10:32:50.513964+00:00", "updated": "2026-04-15T17:30:10.445538+00:00", "vendors": ["roxnor", "roxnor$PRODUCT$emailkit_\u2013_email_customizer_for_woocommerce_&_wp", "wordpress", "wordpress$PRODUCT$wordpress"]}