LatePoint < 5.2.8 – Agent+ Privilege Escalation | CVE 2026-1566 | Plugin Vulnerabilities

Description

The plugin is vulnerable to privilege escalation via password reset due to the plugin allowing users with a LatePoint Agent role, who are creating new customers to set the 'wordpress_user_id' field. This makes it possible for authenticated attackers, with Agent-level access and above, to gain elevated privileges by linking a customer to the arbitrary user ID, including administrators, and then resetting the password.

Affects Plugins

Fixed in 5.2.8

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/c958880e-6068-4e7d-a780-1251f3ab9bf7

Classification

Type

PRIVESC

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Nguyen Ba Hung (bashu)

Verified

No

WPVDB ID

32124c4d-c706-4b99-aa4e-9d625accbce7

Timeline

Publicly Published

2026-03-02 (about 2 months ago)

Added

2026-03-02 (about 2 months ago)

Last Updated

2026-03-02 (about 2 months ago)

Other

Published

Title

Published

2025-03-18

Title

Service Finder Bookings < 5.1 - Unauthenticated Privilege Escalation via Account Takeover

Published

2020-11-09

Title

Ultimate Member < 2.1.12 - Authenticated Privilege Escalation via Profile Update

Published

2018-05-29

Title

Woocommerce Category Banner Management <= 1.1.0 - Unauthenticated Settings Change

Published

2023-06-07

Title

Directorist < 7.5.5 - Subscriber+ Arbitrary User Password Reset to Privilege Escalation

Published

2024-10-18

Title

GERRYWORKS Post by Mail <= 1.0 - Contributor+ Privilege Escalation