CVE-2026-12240 | qlstudio Export User Data Plugin up to 2.2.6 on WordPress wp-config.php unserialize deserialization (EUVD-2026-40260)

SecurityVulns

A vulnerability was found in qlstudio Export User Data Plugin up to 2.2.6 on WordPress. It has been rated as problematic. The affected element is the function unserialize of the file wp-config.php. Performing a manipulation results in deserialization.

This vulnerability is reported as CVE-2026-12240. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More