{"uuid": "b67a9d2e-24ca-43c2-97e0-70bee1add4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12583", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116917156404370712", "content": "Deserialization of untrusted data (CVE-2026-12583, CRITICAL) in Newsletters WP plugin &lt;4.15 allows unauthenticated RCE via public form. Disable or restrict plugin until patch is confirmed. https://radar.offseq.com/threat/cve-2026-12583-cwe-502-deserialization-of-untruste-c97ca770117c8a32 #OffSeq #WordPress #Vuln #RCE", "creation_timestamp": "2026-07-14T07:30:28.177343Z"}