{"vulnerability": "cve-2026-4375", "sightings": [{"uuid": "456d2b00-980c-49a8-89a3-2035b8d9534c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4375", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116877520158002101", "content": "CVE-2026-4375: CRITICAL code injection (CWE-94) in DoLeads Integrator &amp; wp2epub WordPress plugins \u22640.65 allows RCE by unauthorized users. No patch yet \u2014 restrict plugin installs &amp; monitor for changes. https://radar.offseq.com/threat/cve-2026-4375-cwe-94-improper-control-of-generatio-71c36276dd5a5ffb #OffSeq #WordPress #CVE20264375", "creation_timestamp": "2026-07-07T07:30:27.013372Z"}, {"uuid": "47e8b3db-8435-46ae-b9c1-c5b8afde0df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4375", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq23iqtn2r2u", "content": "CRITICAL code injection found in DoLeads Integrator &amp; wp2epub WordPress plugins (\u22640.65). RCE possible if exploited. Avoid use, restrict plugin installs, monitor sites. https://radar.offseq.com/threat/cve-2026-4375-cwe-94-improper-control-of-generatio-71c36276dd5a5ffb #OffSeq #WordPress #Vulnerabi...", "creation_timestamp": "2026-07-07T07:30:28.859239Z"}, {"uuid": "4d815137-d658-4492-af04-9e49da3f0072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4375", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq2rwwipzw23", "content": "CVE-2026-4375 - doleads integrator\nThe DoLeads Integrator and wp2epub WordPress plugins, versions 0.65 and below, contain a security flaw that allows unauthorized users to execute malicious code on\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#doleadsintegrator #unknown #CVE #infosec", "creation_timestamp": "2026-07-07T14:12:06.787045Z"}, {"uuid": "334a74d2-e9e7-4c7d-b042-d43dacf08426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4375", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mq36owdt2c2w", "content": "CVE-2026-4375. CVSS 9/10. DoLeads Integrator and wp2epub let unauthenticated visitors execute code on your server. Your database. Your wp-config. Gone. No patch available. Disable both plugins immediately. Scan your WordPress site: pulse-wp.com\n#WordPress #RCE #CyberSecurity", "creation_timestamp": "2026-07-07T18:00:16.493986Z"}]}