{"uuid": "af4181a2-ce64-4f81-add2-3350fca2afa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5294", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116520086781199288", "content": "\ud83d\udea8 CRITICAL: CVE-2026-5294 in Geeky Bot WP plugin (\u22641.2.2) allows unauthenticated RCE by installing arbitrary plugins via an exposed AJAX endpoint. Disable or remove plugin & monitor for patches. https://radar.offseq.com/threat/cve-2026-5294-cwe-862-missing-authorization-in-ahm-a69c64e2 #OffSeq #WordPress #Vuln #InfoSec", "creation_timestamp": "2026-05-05T04:30:26.688484Z"}