{"vulnerability": "CVE-2026-5722", "sightings": [{"uuid": "eb35b482-abe8-4324-afdc-469d52230db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5722", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml34zrwaps2n", "content": "\ud83d\udd34 CVE-2026-5722 - Critical (9.8)\n\nThe MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions u...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-5722/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-05T02:24:36.569364Z"}, {"uuid": "5869d918-9fa0-4fe7-8ac4-22e9f1faa433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5722", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3ml36zyame72f", "content": "\ud83d\udea8 MoreConvert Pro (WordPress \u22641.9.14) CRITICAL auth bypass lets attackers hijack accounts, incl. admins. Disable plugin or restrict access until patched. https://radar.offseq.com/threat/cve-2026-5722-cwe-287-improper-authentication-in-m-b66ead43 #OffSeq #WordPress #CVE20265722", "creation_timestamp": "2026-05-05T03:00:30.058476Z"}, {"uuid": "94ddd3d2-c3f2-4910-9597-a5f86a4de98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5722", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116519732985387008", "content": "\ud83d\udea8 CVE-2026-5722 | CRITICAL auth bypass in MoreConvert Pro (\u22641.9.14, WordPress). Attackers can use flawed guest waitlist token logic to hijack accounts \u2014 even admin! Disable plugin or restrict access until patch. https://radar.offseq.com/threat/cve-2026-5722-cwe-287-improper-authentication-in-m-b66ead43 #OffSeq #WordPress #CVE20265722 #infosec", "creation_timestamp": "2026-05-05T03:00:30.105075Z"}, {"uuid": "10aebc3d-5c4c-423a-acbe-e361f4ea6acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5722", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ml35d2qrq62t", "content": "CVE-2026-5722 - MoreConvert Pro\nCVE ID : CVE-2026-5722\n \n Published : May 5, 2026, 1:24 a.m. | 56\u00a0minutes ago\n \n Description : The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest...", "creation_timestamp": "2026-05-05T02:29:46.634710Z"}, {"uuid": "4aff9dc0-09c7-4fb0-86f6-223c912359b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5722", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3ml3hqno7pr2c", "content": "WordPress\u30d7\u30e9\u30b0\u30a4\u30f3MoreConvert Pro\uff08v1.9.14\u307e\u3067\uff09\u3067\u8a8d\u8a3c\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u3001\u5de7\u5999\u306a\u64cd\u4f5c\u3067\u672a\u8a8d\u8a3c\u3067\u3082\u7ba1\u7406\u8005\u6a29\u9650\u3092\u5f97\u308b\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\nCVE-2026-5722 CVSS 9.8 | CRITICAL", "creation_timestamp": "2026-05-05T05:36:20.128215Z"}]}