What is CVE-2026-11912?

CVE-2026-11912 is a high-severity vulnerability in Eemitch Simple File List, classified under Missing Authorization. CVSS score: 7.5/10. Published 2026-06-20.

How severe is CVE-2026-11912?

High severity. CVSS v3 base score is 7.5 out of 10.

Is CVE-2026-11912 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Eemitch Simple File List

CVE-2026-11912

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and…

Vulnerability class: Broken Access Control

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.

Affected products

Eemitch Simple File List — versions 0

Weakness classification (CWE)

CWE-862 — Missing Authorization

Public proof-of-concept exploits

Polosss/By-Poloss..-..CVE-2026-11912

References

Frequently asked questions

What is CVE-2026-11912?: CVE-2026-11912 is a high-severity vulnerability in Eemitch Simple File List, classified under Missing Authorization. CVSS score: 7.5/10. Published 2026-06-20.
How severe is CVE-2026-11912?: High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2026-11912 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.