CVE-2026-22407 | Roam Plugin up to 2.1.1 on WordPress resource injection

January 14, 2026 Yanac

A vulnerability, which was classified as critical, was found in Roam Plugin up to 2.1.1 on WordPress. This impacts an unknown function. The manipulation results in improper control of resource identifiers.

This vulnerability is identified as CVE-2026-22407. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2026-22472 | Easy Form Builder Plugin up to 3.9.6 on WordPress authorization
CVE-2026-22468 | Absolute Addons for Elementor Plugin up to 1.0.14 on WordPress authorization