CVE-2026-57761
Deferred Deferred - Pending Action

Unauthenticated CSRF in SEOWP Plugin

Vulnerability report for CVE-2026-57761, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-02

Last updated on: 2026-07-02

Assigner: Patchstack

Description

Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-02
Last Modified
2026-07-02
Generated
2026-07-02
AI Q&A
2026-07-02
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
patchstack seowp to 3.12.2 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-57761 is a Cross Site Request Forgery (CSRF) vulnerability affecting the WordPress SEOWP Theme versions 3.12.2 and below.

This vulnerability allows malicious actors to trick higher privileged users into executing unwanted actions while they are authenticated, by making them click a malicious link or submit a form.

The vulnerability requires no authentication from the attacker and is classified under OWASP Top 10 A1: Broken Access Control.

Impact Analysis

This vulnerability can impact you by allowing attackers to perform unauthorized actions on your website through higher privileged users without their consent.

Such actions could lead to data manipulation, changes in site configuration, or other harmful effects depending on the privileges of the targeted user.

However, exploitation requires user interaction, such as clicking a malicious link, and the overall severity is considered low with a CVSS score of 7.1.

Mitigation Strategies

Immediate action is recommended to update the affected SEOWP theme to a version above 3.12.2 once a patch is available.

If an official patch is not yet available, users should contact their hosting provider or web developer for assistance in mitigating the vulnerability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57761. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart