CVE-2026-11775: CWE-352 Cross-Site Request Forgery (CSRF) in adamsilverstein User Admin Simplifier
The User Admin Simplifier plugin for WordPress contains a Cross-Site Request Forgery (CSRF) vulnerability in all versions up to and including 3.0.0. This vulnerability arises from missing or incorrect nonce validation in the useradminsimplifier_options_page function. An attacker can exploit this by tricking a site administrator into performing a forged request, which can reset and permanently delete any user's stored menu and admin-bar configuration. The vulnerability has a CVSS score of 4.3, indicating medium severity.
AI Analysis
Technical Summary
CVE-2026-11775 is a CSRF vulnerability in the User Admin Simplifier WordPress plugin by adamsilverstein. The issue is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function, allowing unauthenticated attackers to cause an administrator to execute a forged request. This request triggers uas_save_admin_options(), overwriting the useradminsimplifier_options database entry and resulting in the reset and permanent deletion of any user's stored menu and admin-bar configuration. The vulnerability affects all versions up to and including 3.0.0.
Potential Impact
An attacker can cause a site administrator to unknowingly reset and delete stored menu and admin-bar configurations for any user by exploiting the CSRF vulnerability. This results in loss of user-specific interface customizations but does not impact confidentiality or availability. The integrity of user interface settings is compromised.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, administrators should be cautious about clicking on untrusted links while logged into WordPress with administrative privileges. Monitoring for updates from the plugin vendor or WordPress security advisories is recommended.
CVE-2026-11775: CWE-352 Cross-Site Request Forgery (CSRF) in adamsilverstein User Admin Simplifier
Description
The User Admin Simplifier plugin for WordPress contains a Cross-Site Request Forgery (CSRF) vulnerability in all versions up to and including 3.0.0. This vulnerability arises from missing or incorrect nonce validation in the useradminsimplifier_options_page function. An attacker can exploit this by tricking a site administrator into performing a forged request, which can reset and permanently delete any user's stored menu and admin-bar configuration. The vulnerability has a CVSS score of 4.3, indicating medium severity.
CVSS v3.1
Score 4.3medium
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-11775 is a CSRF vulnerability in the User Admin Simplifier WordPress plugin by adamsilverstein. The issue is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function, allowing unauthenticated attackers to cause an administrator to execute a forged request. This request triggers uas_save_admin_options(), overwriting the useradminsimplifier_options database entry and resulting in the reset and permanent deletion of any user's stored menu and admin-bar configuration. The vulnerability affects all versions up to and including 3.0.0.
Potential Impact
An attacker can cause a site administrator to unknowingly reset and delete stored menu and admin-bar configurations for any user by exploiting the CSRF vulnerability. This results in loss of user-specific interface customizations but does not impact confidentiality or availability. The integrity of user interface settings is compromised.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, administrators should be cautious about clicking on untrusted links while logged into WordPress with administrative privileges. Monitoring for updates from the plugin vendor or WordPress security advisories is recommended.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Wordfence
- Date Reserved
- 2026-06-09T11:58:37.369Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a34b1e3f198dc38c130d503
Added to database: 6/19/2026, 3:05:07 AM
Last enriched: 6/19/2026, 3:19:58 AM
Last updated: 6/19/2026, 4:26:58 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.