CVE-2026-57410
Received Received - Intake

Privilege Escalation in MailerPress Team MailerPress

Vulnerability report for CVE-2026-57410, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-13

Last updated on: 2026-07-13

Assigner: Patchstack

Description

Incorrect Privilege Assignment vulnerability in MailerPress Team MailerPress mailerpress allows Privilege Escalation.This issue affects MailerPress: from n/a through <= 2.0.2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-13
Last Modified
2026-07-13
Generated
2026-07-13
AI Q&A
2026-07-13
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
mailerpress_team mailerpress to 2.0.2 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-57410 is a Privilege Escalation vulnerability in the WordPress MailerPress Plugin versions 2.0.2 and earlier.

This flaw allows attackers with low-privilege accounts to escalate their privileges to higher levels, potentially gaining full control over the affected website.

The vulnerability is related to incorrect privilege assignment and falls under the OWASP Top 10 category A7: Identification and Authentication Failures.

Impact Analysis

This vulnerability can have a severe impact as it allows attackers to escalate their privileges from low-level accounts to higher-level accounts.

An attacker exploiting this flaw could potentially gain full control of the website, leading to unauthorized access, data manipulation, or disruption of services.

The CVSS score of 8.8 indicates a high severity, meaning the risk posed by this vulnerability is significant and should be addressed promptly.

Detection Guidance

This vulnerability affects the WordPress MailerPress Plugin versions 2.0.2 and earlier. To detect if your system is vulnerable, you should first check the installed version of the MailerPress plugin.

  • Log in to your WordPress admin dashboard and navigate to the Plugins section to verify the MailerPress plugin version.
  • Alternatively, use command line to check the plugin version by running: `wp plugin get mailerpress --field=version` if WP-CLI is installed.
  • Monitor for unusual privilege escalations or unauthorized access attempts in your web server logs or WordPress logs.

No specific detection commands or network signatures are provided in the available resources.

Mitigation Strategies

The primary and immediate mitigation step is to update the MailerPress plugin to version 2.0.3 or later, which contains the patch for this vulnerability.

  • If updating immediately is not possible, apply the mitigation rule provided by Patchstack to block attacks targeting this vulnerability.
  • Seek assistance from your hosting provider or a web developer to help implement temporary mitigations or updates.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57410. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart