EIP-2026-114269

PRE-CVE

WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114269. PoCs published by Blake Entrekin.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in WP-TopBar 4.02, which allows an attacker to submit a malicious POST request to update the TopBar settings with a Stored XSS payload. The PoC includes an HTML form that automatically submits the payload to a vulnerable WordPress instance.

Description

WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED
by Blake Entrekin · textwebappsphp
https://www.exploit-db.com/exploits/21393

This exploit demonstrates a CSRF vulnerability in WP-TopBar 4.02, which allows an attacker to submit a malicious POST request to update the TopBar settings with a Stored XSS payload. The PoC includes an HTML form that automatically submits the payload to a vulnerable WordPress instance.

Classification
Working Poc 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: WP-TopBar 4.02
Auth required
Prerequisites: Victim must be logged into WordPress admin panel · WP-TopBar plugin version 4.02 must be installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026