{"vulnerability": "cve-2026-9701", "sightings": [{"uuid": "3c05dfc2-0eb4-4e0d-b0f0-dfc3483cff71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9701", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq4d4g7zbx2q", "content": "CVE-2026-9701 - eventer\nThe Eventer plugin for WordPress stores password reset keys in plain text, making it possible for attackers to reset any user's password without needing a password. This is especially\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#eventer #joe007 #CVE #infosec", "creation_timestamp": "2026-07-08T04:52:04.084123Z"}, {"uuid": "7c31e354-7475-4248-a227-5f28ff5d7b58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9701", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mq4gw5xwgz2x", "content": "CVE-2026-9701. Eventer plugin stores password reset keys in plaintext in the database. Any attacker with DB access \u2014 or a data breach \u2014 gets admin accounts. CVSS 9.8.\n\nUpdate to 4.4.2+ immediately.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #SQLi #CyberSecurity", "creation_timestamp": "2026-07-08T06:00:09.023288Z"}, {"uuid": "6cd0fabf-b82d-4af6-a970-d0b8a46e8b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9701", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq4lilhlr727", "content": "CVE-2026-9701 - Eventer\nCVE ID : CVE-2026-9701\n \n Published : July 8, 2026, 5:16 a.m. | 52\u00a0minutes ago\n \n Description : The Eventer plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 4.4.2. The plugin stores a plain...", "creation_timestamp": "2026-07-08T07:22:03.085223Z"}]}