CVE-2026-22199 | gVectors wpDiscuz up to 7.6.46 wpdGetNonce User-Agent authentication spoofing

A vulnerability described as critical has been identified in gVectors wpDiscuz up to 7.6.46. The affected element is the function wpdGetNonce. The manipulation of the argument User-Agent results in authentication bypass by spoofing.

This vulnerability is identified as CVE-2026-22199. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More