{"uuid": "992da49d-b3e4-494a-b92b-898287816325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12685", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116894507132740931", "content": "CVE-2026-12685 | EscortWP \u22643.6.2: CRITICAL backdoor (CWE-912) enables unauthenticated data wipe &amp; exfiltrates site/admin info via hard-coded key. No patch available \u2014 replace theme &amp; monitor vendor. https://radar.offseq.com/threat/cve-2026-12685-cwe-912-hidden-functionality-in-esc-2444ba57a4fc890e #OffSeq #WordPress #Infosec #CVE2026_12685", "creation_timestamp": "2026-07-10T07:30:27.754406Z"}