CVE-2026-49063 PUBLISHED

WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability

Assigner: Patchstack
Reserved: 27.05.2026 Published: 15.06.2026 Updated: 16.06.2026

Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVSS Score: 7.3

Product Status

Vendor Webilia Inc.
Product Listdom
Versions Default: unaffected
  • affected from n/a to 5.5.0 (incl.)

Solutions

Update the WordPress Listdom Plugin to the latest available version (at least 5.6.0).

Credits

  • dodoh4t | Patchstack Bug Bounty Program finder

References

Problem Types

  • CWE-266 Incorrect Privilege Assignment CWE

Impacts

  • CAPEC-233 Privilege Escalation