WebPurify Profanity Filter WordPress Plugin Missing Authorization Vulnerability in Versions Through 4.0.2

Vulnerability

A vulnerability exists in the WebPurify Profanity Filter plugin for WordPress, specifically in all versions up to and including 4.0.2. The issue arises from a missing capability check in the 'webpurify_save_options' function, allowing unauthorized users to modify plugin settings. This vulnerability could be exploited by unauthenticated attackers to change configuration options within the plugin.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in the WebPurify Profanity Filter plugin settings, potentially allowing attackers to manipulate how the plugin filters content.

Added: Feb 4, 2026, 9:23 AM

Updated: Feb 4, 2026, 5:11 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.1

remediation

0.0

relevance

2.7

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.1

remediation

0.0

relevance

2.7

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WebPurify Profanity Filter WordPress Plugin Missing Authorization Vulnerability in Versions Through 4.0.2

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating