CVE-2025-26966

Name: Websites susceptible to CVE-2025-26966
Creator: WebTechSurvey

CVE-2025-26966

WordPress PrivateContent plugin <= 8.11.5 - Unauthenticated Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5.

We have discovered 1,117 live websites that are affected by CVE-2025-26966.

Run a Free Instant Scan

Affected Software


Product	Private Content
Category	Wordpress Plugins
Vulnerable Domains	1,117 live websites (100% of Private Content install base)
Vulnerable Versions	from 0 through 8.11.5
Vulnerable Versions Count	0 versions ( less than 0.1% of all versions)

Common Weakness Enumeration

CWE-288 Authentication Bypass Using an Alternate Path or Channel

Available Reports

Website List

Details

Published - Feb 25, 2025
Updated - Feb 25, 2025

Credits

Rafie Muhammad (Patchstack) (finder)

CVE References

CWE References

cwe.mitre.org

CWE

CWE-288

Website Distribution by Country

Number of websites using CVE-2025-26966

United States	182 websites

Italy	293 websites
Spain	105 websites
France	103 websites
Germany	70 websites
GB	60 websites
Brazil	56 websites
Netherlands	31 websites
Portugal	22 websites
Canada	16 websites

Website Distribution by TLD

Number of websites using CVE-2025-26966

.com	360 websites
.it	232 websites
.org	74 websites
.com.br	44 websites
.es	39 websites
.eu	32 websites
.net	27 websites
.fr	26 websites
.nl	24 websites
.co.uk	23 websites

Websites affected by CVE-2025-26966

Top websites that are affected by CVE-2025-26966. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
********..uk	GB	*,*
******.com	Spain	*,*
********************.it	Italy	*,*
*************************.org	GB	*,*
**********************.com	GB	*,*
************.eu	Belgium	*,*
*********.org	Netherlands	*,*
*************.org	South Africa	*,*
*.*.uk	GB	*,*
**.*.pl	Poland	*,*