{"uuid": "7d6c0387-c343-4315-922d-d868af3bd800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-6433", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlkqwfikpf2f", "content": "CRITICAL: Custom css-js-php WordPress plugin <=2.0.7 flaw lets unauthenticated users run arbitrary PHP code. No patch yet \u2014 disable/remove plugin now. https://radar.offseq.com/threat/cve-2026-6433-cwe-94-improper-control-of-generatio-3ad54b4b #OffSeq #WordPress #security", "creation_timestamp": "2026-05-11T07:30:33.072076Z"}