CVE-2026-0572 identifies a missing authorization vulnerability (CWE-862) in the WebPurify Profanity Filter plugin for WordPress, present in all versions up to and including 4.0.2. The vulnerability stems from the 'webpurify_save_options' function lacking a capability check, which means that any unauthenticated user can invoke this function to modify plugin settings. This unauthorized modification can alter how the profanity filter operates, potentially disabling or weakening content filtering or changing configurations that affect site behavior. The vulnerability is remotely exploitable over the network without requiring any authentication or user interaction, increasing its risk profile. The CVSS v3.1 score is 6.5 (medium severity), reflecting the network attack vector, low attack complexity, no privileges required, and no user interaction needed. The impact primarily affects integrity and availability, as attackers can change plugin settings, potentially disrupting filtering functionality or enabling further malicious activity. No patches are currently linked, and no known exploits are reported in the wild, but the vulnerability's nature suggests it could be leveraged in targeted attacks or automated scanning campaigns. The plugin is widely used on WordPress sites, which are common across Europe, making this a relevant threat for organizations relying on WebPurify for content moderation.

For European organizations, this vulnerability could lead to unauthorized changes in content filtering policies, potentially allowing inappropriate or malicious content to bypass moderation controls. This can damage organizational reputation, violate compliance requirements related to content management, and expose users to harmful material. Additionally, altered plugin settings might be leveraged as a foothold for further attacks, such as injecting malicious scripts or disrupting site availability. Organizations relying on WebPurify for regulatory compliance or brand protection could face operational disruptions and legal risks. The ease of exploitation without authentication increases the likelihood of opportunistic attacks, especially on publicly accessible WordPress sites. Given the widespread use of WordPress and content filtering plugins in Europe, the vulnerability poses a moderate but tangible risk to website integrity and availability.

1. Monitor the WebPurify vendor site and WordPress plugin repository for official patches addressing CVE-2026-0572 and apply updates immediately upon release. 2. Until patches are available, restrict access to WordPress administrative endpoints using IP whitelisting, web application firewalls (WAFs), or VPNs to limit exposure to unauthenticated requests. 3. Implement strict access controls and logging on WordPress admin actions to detect unauthorized configuration changes. 4. Employ security plugins that can detect and block unauthorized attempts to modify plugin settings or unusual POST requests targeting plugin functions. 5. Regularly audit plugin configurations and content filtering rules to identify unexpected changes. 6. Educate site administrators about this vulnerability and encourage prompt response to suspicious activity. 7. Consider temporarily disabling or replacing the WebPurify plugin if immediate patching is not feasible and the risk is unacceptable.