CVE-2026-1631

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

18/05/2026

Last modified:

18/05/2026

Description

The Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plugin before 2.6.4 is vulnerable to unauthorized modification of the Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plugin before 2.6.4&#39;s license key due to a missing capability check on the &#39;actions&#39; function. This makes it possible for subscribers and above delete the license key.

Impact

References to Advisories, Solutions, and Tools

https://wpscan.com/vulnerability/b19596c2-69bc-4e15-8632-eb80f4577e3c/