What is CVE-2026-6933?

CVE-2026-6933 is a high-severity vulnerability in Premmerce Dev Tools, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 8.8/10. Published 2026-06-16.

How severe is CVE-2026-6933?

High severity. CVSS v3 base score is 8.8 out of 10.

Arbitrary file upload in Premmerce Dev Tools

CVE-2026-6933

The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due to the 'generatePluginHandler' function lacking any authorization check before p…

Vulnerability class: Unrestricted File Upload

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Premmerce Dev Tools — versions 0

Weakness classification (CWE)

CWE-434 — Unrestricted Upload of File with Dangerous Type

References

security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com
security@wordfence.com

Frequently asked questions

What is CVE-2026-6933?: CVE-2026-6933 is a high-severity vulnerability in Premmerce Dev Tools, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 8.8/10. Published 2026-06-16.
How severe is CVE-2026-6933?: High severity. CVSS v3 base score is 8.8 out of 10.