🔎 HIGH severity: CVE-2026-7459 in Simple History WP plugin allows Subscriber users to seize admin accounts if experimental features are enabled. Disable this option and monitor for vendor fixes. Affects ≤5.26.0. Read: https://radar.offseq.com/threat/cve-2026-7459-cwe-640-weak-password-recovery-mecha-7aa34cab #OffSeq #WordPress #CVE20267459