Medium severity5.4NVD Advisory· Published May 18, 2026· Updated May 18, 2026
CVE-2026-1631
CVE-2026-1631
Description
The Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plugin before 2.6.4 is vulnerable to unauthorized modification of the Feeds for YouTube (YouTube video, channel, and gallery plugin) WordPress plugin before 2.6.4's license key due to a missing capability check on the 'actions' function. This makes it possible for subscribers and above delete the license key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <2.6.4
Patches
Vulnerability mechanics
References
1News mentions
1- Wordfence Intelligence Weekly WordPress Vulnerability Report (June 8, 2026 to June 14, 2026)Wordfence Blog · Jun 18, 2026