This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
Pulse WP
pulse-wp.com
did:plc:m7puovzqhxurz66hip2xwfs6
CVE-2026-7654. Admin Columns up to 7.0.18. CVSS 8.8.
Attacker injects malicious PHP objects into post meta. Unserialize() executes them. Remote code execution.
No patch available. Disable the plugin now.
Scan your WordPress site: pulse-wp.com
#WordPress #RCE #CyberSecurity
2026-06-06T00:00:17.573Z