CVE-2026-8906 | rahulbhangale WP Promoter Plugin up to 1.3 on WordPress Setting cross-site request forgery

A vulnerability, which was classified as problematic, was found in rahulbhangale WP Promoter Plugin up to 1.3 on WordPress. This vulnerability affects unknown code of the component Setting Handler. Executing a manipulation can lead to cross-site request forgery.

This vulnerability is tracked as CVE-2026-8906. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More