CVE-2026-22391 | Cocco Plugin up to 1.5.1 on WordPress resource injection

January 15, 2026 Yanac

A vulnerability labeled as critical has been found in Cocco Plugin up to 1.5.1 on WordPress. The impacted element is an unknown function. Executing a manipulation can lead to improper control of resource identifiers.

This vulnerability is registered as CVE-2026-22391. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More

CVE-2025-13062 | Supreme Modules Lite Plugin up to 2.5.62 on WordPress unrestricted upload
CVE-2026-22398 | Fleur Plugin up to 2.0 on WordPress resource injection