WpStream — Vulnerabilities & Security Advisories 5

All 5 CVE vulnerabilities found in WpStream, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-39526	WordPress WpStream plugin < 4.11.2 - Insecure Direct Object References (IDOR) vulnerability CWE-639	6.5^AI	Medium^AI	2026-04-08
CVE-2025-68522	WordPress WpStream plugin <= 4.9.5 - Broken Access Control vulnerability CWE-862	4.3	Medium	2025-12-24
CVE-2025-68521	WordPress WpStream plugin <= 4.9.5 - Broken Access Control vulnerability CWE-862	5.3	Medium	2025-12-24
CVE-2023-27458	WordPress WpStream – Live Streaming, Video on Demand, Pay Per View Plugin <= 4.4.10 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352	4.3	Medium	2023-11-22
CVE-2023-38512	WordPress WpStream plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	8.8	-	2023-07-27

All 5 known CVE vulnerabilities affecting WpStream with full Chinese analysis, references, and POCs where available.