A critical security vulnerability (CVE-2026-23550 ) affecting the WordPress Modular DS plugin is under active exploitation, allowing unauthenticated attackers to gain administrator access and potentially fully compromise affected websites.

Affected systems

• WordPress Modular DS plugin: All versions up to and including 2.5.1

Security Risks

The identified vulnerabilities could allow unauthenticated attackers to gain administrator access, expose sensitive system and user data, introduce malicious changes or malware, and ultimately lead to full compromise of affected WordPress websites.

For the full list of security patches released, please refer to official WordPress Plugins repository.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and administrators:

1. Follow the WordPress Modular DS Security Advisory and apply the recommended updates to reduce vulnerability exploitation risk.

2. Apply the required and latest security updates as soon as possible.

              The released software versions for upgrade are:

• WordPress Modular DS plugin: Upgrade to Modular DS version 2.5.2 or later 

3. Before any updating task, ensure you have a current, tested backup of your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by emailing rwcsirt@ncsa.gov.rw or calling us on 9009.

References

• Hackers exploit Modular DS WordPress plugin flaw for admin access

• Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

• Modular DS Security Releases: Modular Connector 2.6.0 and 2.5.2

• Modular DS: Monitor, update, and backup multiple websites – WordPress plugin

• Critical Privilege Escalation Vulnerability in Modular DS plugin affecting 40k+ Sites exploited in the wild