EIP-2026-113944

PRE-CVE

WordPress Plugin ORGanizer - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113944. PoCs published by MustLive.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in the Organizer plugin for WordPress, including XSS, information disclosure, and directory traversal. It includes example URLs demonstrating these vulnerabilities but lacks executable exploit code.

Description

WordPress Plugin ORGanizer - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by MustLive · textwebappsphp

https://www.exploit-db.com/exploits/37411

View Code ZIP pw:eip

The provided text describes multiple vulnerabilities in the Organizer plugin for WordPress, including XSS, information disclosure, and directory traversal. It includes example URLs demonstrating these vulnerabilities but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Xss | Info Leak | Other

Complexity

Trivial

Reliability

Theoretical

Target: Organizer plugin for WordPress 1.2.1

No auth needed

Prerequisites: Access to the target WordPress instance · Organizer plugin installed and activated

MITRE ATT&CK

T1059.007 - JavaScript T1083 - File and Directory Discovery T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026