{"vulnerability": "cve-2026-13492", "sightings": [{"uuid": "0c653c07-f9c6-43b5-9d18-cb4dbb589a23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13492", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqahj5jc7c2x", "content": "CVE-2026-13492 - UsersWP\nCVE ID : CVE-2026-13492\n \n Published : July 9, 2026, 7:17 p.m. | 31\u00a0minutes ago\n \n Description : The UsersWP plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 1.2.65. This is due to insufficient validation ...", "creation_timestamp": "2026-07-09T20:21:25.155645Z"}, {"uuid": "4e12753c-5f20-44b8-bd7c-c65dbad7e13b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-13492", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mqatqugq6z23", "content": "UsersWP up to 1.2.65 lets attackers delete arbitrary files. Your wp-config.php. Your database backups. Your themes.\n\nCVE-2026-13492. CVSS 8.8. No auth needed.\n\nNo patch available. Disable it now.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #FileUpload #CyberSecurity", "creation_timestamp": "2026-07-10T00:00:29.061904Z"}]}