CVE-2026-39433 PUBLISHED

WordPress WPAMS plugin < 49.5.3 - Arbitrary Content Deletion vulnerability

Assigner: Patchstack
Reserved: 07.04.2026 Published: 16.06.2026 Updated: 17.06.2026

Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS Score: 6.5

CVSS 3.1

Vendor	mojoomla
Product	WPAMS
Versions	Default: unaffected affected from n/a to 49.5.3 (excl.)

Update the WordPress MJAMS Plugin to the latest available version (at least 49.5.3).