What is CVE-2026-6446?

CVE-2026-6446 is a medium-severity vulnerability in Bplugins My Social Feeds – Embedder Plugin For Wordpress, classified under Insufficiently Protected Credentials. CVSS score: 5.4/10. Published 2026-05-02.

How severe is CVE-2026-6446?

Medium severity. CVSS v3 base score is 5.4 out of 10.

Vulnerability in Bplugins My Social Feeds – Embedder Plugin For Wordpress

CVE-2026-6446

The My Social Feeds – Social Feeds Embedder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 1.0.4 via the 'ttp_get_accounts' AJAX action. This is due to the complete absence of autho…

EPSS: 0.000 (2.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N.

Affected products

Bplugins My Social Feeds – Embedder Plugin For Wordpress — versions 0

Weakness classification (CWE)

CWE-522 — Insufficiently Protected Credentials

References

Frequently asked questions

What is CVE-2026-6446?: CVE-2026-6446 is a medium-severity vulnerability in Bplugins My Social Feeds – Embedder Plugin For Wordpress, classified under Insufficiently Protected Credentials. CVSS score: 5.4/10. Published 2026-05-02.
How severe is CVE-2026-6446?: Medium severity. CVSS v3 base score is 5.4 out of 10.