CVE-2026-10038 | smub Charitable Plugin up to 1.8.11.1 on WordPress save_avatar authorization

A vulnerability labeled as critical has been found in smub Charitable Plugin up to 1.8.11.1 on WordPress. This affects the function save_avatar. The manipulation results in authorization bypass.

This vulnerability is identified as CVE-2026-10038. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More