CVE-2026-25321 | PSM Plugins SupportCandy Plugin up to 3.4.4 on WordPress authorization

February 19, 2026 Yanac

A vulnerability was found in PSM Plugins SupportCandy Plugin up to 3.4.4 on WordPress. It has been classified as critical. This affects an unknown function. Performing a manipulation results in missing authorization.

This vulnerability is reported as CVE-2026-25321. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2026-25316 | Brainstorm Force CartFlows Plugin up to 2.1.19 on WordPress deserialization
CVE-2026-25408 | PluginRx Broken Link Notifier Plugin up to 1.3.5 on WordPress authorization