What is CVE-2026-1208 — CSRF in Friendly Functions for Welcart?

CVE-2026-1208 is a Cross-Site Request Forgery (CSRF) vulnerability in the Friendly Functions for Welcart WordPress plugin, allowing attackers to modify settings via forged requests.

Am I affected by CVE-2026-1208 in Friendly Functions for Welcart?

You are affected if you are using Friendly Functions for Welcart version 0.0.0 through 1.2.5. Upgrade to 1.2.6 or later to mitigate the risk.

How do I fix CVE-2026-1208 in Friendly Functions for Welcart?

Upgrade the Friendly Functions for Welcart plugin to version 1.2.6 or later. Consider WAF rules and user access controls as temporary mitigations.

Is CVE-2026-1208 being actively exploited?

No active exploitation campaigns targeting CVE-2026-1208 have been publicly reported as of this writing.

Where can I find the official Friendly Functions for Welcart advisory for CVE-2026-1208?

Refer to the plugin developer's website or WordPress plugin repository for the official advisory and update information.

CVE-2026-1208 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2026-1208 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• wordpress / composer / npm:

grep -r 'settings_update' /var/www/html/wp-content/plugins/friendly-functions-for-welcart/includes/

• generic web:

curl -I https://your-wordpress-site.com/wp-admin/admin-ajax.php?action=friendly_functions_settings_update&setting_name=some_setting&new_value=malicious_value | grep -i '200 ok'

Friendly Functions for Welcart <= 1.2.5 - Cross-Site Request Forgery para Atualização de Configurações

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigir

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2026-1208 — CSRF in Friendly Functions for Welcart?

Am I affected by CVE-2026-1208 in Friendly Functions for Welcart?

How do I fix CVE-2026-1208 in Friendly Functions for Welcart?

Is CVE-2026-1208 being actively exploited?

Where can I find the official Friendly Functions for Welcart advisory for CVE-2026-1208?

Informações do pacote

Seu projeto está afetado?

Detecte esta CVE no seu projeto