PublishPress Capabilities – User Role Editor, Access Permissions, User Capabilities, Admin Menus

Vulnerabilities 8Slug capability-manager-enhancedLatest version 2.43.0WordPress.org →

Minimum safe version

2.32.0

Update to 2.32.0 or later to address 8 fixable vulnerabilities

Latest available2.43.0 ✓

Medium 4.3

2026-03-13< 2.32.0

CVE-2026-32394

N/A

2022-01-13< 2.3.3

WordPress PublishPress Capabilities Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

N/A

2018-06-20< 1.5.9

PublishPress Capabilities <= 1.5.8 - Authenticated SQL Injection

N/A

2022-01-13< 2.3.3

PublishPress Capabilities <= 2.3.2 - Reflected Cross-Site Scripting

N/A

< 1.5.9

Capability Manager Enhanced <= 1.5.8 - Authenticated SQLi

N/A

< 2.3.3

PublishPress Capabilities < 2.3.3 - Reflected Cross-Site Scripting

High 7.2

2022-10-31< 2.5.2

CVE-2022-3366

Critical 9.8

2022-01-10< 2.3.1

CVE-2021-25032