Is CVE-2026-23550 in the CISA Known Exploited Vulnerabilities catalog?

CVE-2026-23550 is not currently listed in the CISA KEV catalog.

Which frameworks does CVE-2026-23550 affect?

CVE-2026-23550 affects WordPress.

Vulnerability intelligence

CVE-2026-23550

The most popular WordPress backup plugin gave unauthenticated attackers full admin access. Wordfence blocked 8,172 exploit attempts in 24 hours. The plugin supply chain strikes again.

WordPress 2026

What WebPulse reported · 1 analysis

UpdraftPlus: 3 Million WordPress Sites. Unauthenticated Admin RCE. No Login Required.

The most popular WordPress backup plugin gave unauthenticated attackers full admin access. Wordfence blocked 8,172 exploit attempts in 24 hours. The plugin supp

June 13, 2026

View CVE-2026-23550 on the NIST National Vulnerability Database →

Related vulnerabilities

CVE-2026-8206 CVE-2026-8181 CVE-2026-3844 CVE-2026-10795 CVE-2026-4020 CVE-2026-1293 CVE-2026-8732 CVE-2026-4798