CVE-2026-8787P2HIGHCVSS 8.8≤ 3.1.12026-05-27
CVE-2026-8787 [HIGH] CWE-269 CVE-2026-8787: The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in
The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the `firebase_auth()` function authenticating the request as the WordPress user whose email is supplied in the `user_email` POST parameter without verifying ownership of that email (no Firebase ID
nvd