Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-9230

Summary
Assigner-Wordfence
Assigner Org ID-b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At-03 Jul, 2026 | 06:50
Updated At-03 Jul, 2026 | 06:50
Rejected At-
Credits

Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute via Leaked Nonce from /quiz/structure

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to modify quizzes they do not own, overwrite quiz results pages, and reroute quiz-result notification emails to attacker-controlled addresses. An attacker first calls the /quiz/structure endpoint with an arbitrary victim quiz ID to obtain a valid nonce bound to that quiz ID and their own user ID, then presents that nonce to the /quizzes/{id}/emails save endpoint, which accepts it without verifying quiz ownership.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Wordfence
Assigner Org ID:b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At:03 Jul, 2026 | 06:50
Updated At:03 Jul, 2026 | 06:50
Rejected At:
▼CVE Numbering Authority (CNA)
Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute via Leaked Nonce from /quiz/structure

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to modify quizzes they do not own, overwrite quiz results pages, and reroute quiz-result notification emails to attacker-controlled addresses. An attacker first calls the /quiz/structure endpoint with an arbitrary victim quiz ID to obtain a valid nonce bound to that quiz ID and their own user ID, then presents that nonce to the /quizzes/{id}/emails save endpoint, which accepts it without verifying quiz ownership.

Affected Products
Vendor
expresstech
Product
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
Default Status
unaffected
Versions
Affected
  • From 0 through 11.1.4 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-862CWE-862 Missing Authorization
Type: CWE
CWE ID: CWE-862
Description: CWE-862 Missing Authorization
Metrics
VersionBase scoreBase severityVector
3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Kirasec
Timeline
EventDate
Disclosed2026-07-02 18:30:42
Event: Disclosed
Date: 2026-07-02 18:30:42
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.wordfence.com/threat-intel/vulnerabilities/id/49c66f9e-e58c-435b-9bb0-d6b66261e789?source=cve
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L460
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L513
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L424
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L257
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L862
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/mlw_quizmaster2.php#L890
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L460
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L513
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L424
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L257
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L862
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/mlw_quizmaster2.php#L890
N/A
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3570062%40quiz-master-next&new=3570062%40quiz-master-next&sfp_email=&sfph_mail=
N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/49c66f9e-e58c-435b-9bb0-d6b66261e789?source=cve
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L460
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L513
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L424
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L257
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L862
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/mlw_quizmaster2.php#L890
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L460
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L513
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L424
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L257
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L862
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/mlw_quizmaster2.php#L890
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3570062%40quiz-master-next&new=3570062%40quiz-master-next&sfp_email=&sfph_mail=
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@wordfence.com
Published At:03 Jul, 2026 | 08:16
Updated At:03 Jul, 2026 | 08:16

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to modify quizzes they do not own, overwrite quiz results pages, and reroute quiz-result notification emails to attacker-controlled addresses. An attacker first calls the /quiz/structure endpoint with an arbitrary victim quiz ID to obtain a valid nonce bound to that quiz ID and their own user ID, then presents that nonce to the /quizzes/{id}/emails save endpoint, which accepts it without verifying quiz ownership.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Type: Primary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-862Primarysecurity@wordfence.com
CWE ID: CWE-862
Type: Primary
Source: security@wordfence.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L257security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L424security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/mlw_quizmaster2.php#L890security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L460security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L513security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L862security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L257security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L424security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/mlw_quizmaster2.php#L890security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L460security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L513security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L862security@wordfence.com
N/A
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3570062%40quiz-master-next&new=3570062%40quiz-master-next&sfp_email=&sfph_mail=security@wordfence.com
N/A
https://www.wordfence.com/threat-intel/vulnerabilities/id/49c66f9e-e58c-435b-9bb0-d6b66261e789?source=cvesecurity@wordfence.com
N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L257
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/blocks/block.php#L424
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/mlw_quizmaster2.php#L890
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L460
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L513
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/10.3.5/php/rest-api.php#L862
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L257
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/blocks/block.php#L424
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/mlw_quizmaster2.php#L890
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L460
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L513
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/rest-api.php#L862
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3570062%40quiz-master-next&new=3570062%40quiz-master-next&sfp_email=&sfph_mail=
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/49c66f9e-e58c-435b-9bb0-d6b66261e789?source=cve
Source: security@wordfence.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1347Records found

CVE-2026-9233
Matching Score-10
Assigner-Wordfence
ShareView Details
Matching Score-10
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 18.98%
||
7 Day CHG~0.00%
Published-27 Jun, 2026 | 06:50
Updated-29 Jun, 2026 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via qsm_insert_quiz_template AJAX Action

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to create, modify, and delete quiz output templates stored in the mlw_quiz_output_templates database table, including storing unsanitized HTML content such as arbitrary script tags.

Action-Not Available
Vendor-expresstech
Product-Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
CWE ID-CWE-862
Missing Authorization
CVE-2025-9294
Matching Score-10
Assigner-Wordfence
ShareView Details
Matching Score-10
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.19% / 9.27%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 08:21
Updated-08 Apr, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsm_dashboard_delete_result function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete quiz results.

Action-Not Available
Vendor-expresstechexpresstech
Product-quiz_and_survey_masterQuiz and Survey Master (QSM) – Easy Quiz and Survey Maker
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-862
Missing Authorization
CVE-2025-9637
Matching Score-6
Assigner-Wordfence
ShareView Details
Matching Score-6
Assigner-Wordfence
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 13.66%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 09:20
Updated-08 Apr, 2026 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Quiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticated attackers to view the details of unpublished, private, or password-protected quizzes, as well as submit file responses to questions from those quizzes, which allow file upload.

Action-Not Available
Vendor-expresstechexpresstech
Product-quiz_and_survey_masterQuiz and Survey Master (QSM) – Easy Quiz and Survey Maker
CWE ID-CWE-862
Missing Authorization
CVE-2023-0291
Matching Score-6
Assigner-Wordfence
ShareView Details
Matching Score-6
Assigner-Wordfence
CVSS Score-7.2||HIGH
EPSS-2.03% / 78.72%
||
7 Day CHG~0.00%
Published-09 Jun, 2023 | 05:33
Updated-08 Apr, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Quiz And Survey Master <= 8.0.8 - Unauthenticated Arbitrary Media Deletion

The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the qsm_remove_file_fd_question AJAX action in versions up to, and including, 8.0.8. This makes it possible for unauthenticated attackers to delete arbitrary media files.

Action-Not Available
Vendor-expresstechexpresstech
Product-quiz_and_survey_masterQuiz and Survey Master (QSM) – Easy Quiz and Survey Maker
CWE ID-CWE-862
Missing Authorization
CVE-2023-51507
Matching Score-6
Assigner-Patchstack
ShareView Details
Matching Score-6
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.31% / 23.14%
||
7 Day CHG~0.00%
Published-14 Jun, 2024 | 01:01
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Quiz And Survey Master plugin <= 8.1.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.16.

Action-Not Available
Vendor-expresstechExpressTechexpresstech
Product-quiz_and_survey_masterQuiz And Survey Masterquiz_and_survey_master
CWE ID-CWE-862
Missing Authorization
CVE-2026-57685
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-02 Jul, 2026 | 11:15
Updated-02 Jul, 2026 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Martfury - WooCommerce Marketplace WordPress theme theme <= 3.2.8 - Broken Access Control vulnerability

Subscriber Broken Access Control in Martfury - WooCommerce Marketplace WordPress Theme <= 3.2.8 versions.

Action-Not Available
Vendor-drfuri
Product-Martfury - WooCommerce Marketplace WordPress Theme
CWE ID-CWE-862
Missing Authorization
CVE-2025-42991
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.19% / 9.34%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 00:12
Updated-12 Jun, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authorization check in SAP S/4HANA (Bank Account Application)

SAP S/4HANA (Bank Account Application) does not perform necessary authorization checks. This allows an authenticated 'approver' user to delete attachment from bank account application of other user, leading to a low impact on integrity, with no impact on the confidentiality of the data or the availability of the application.

Action-Not Available
Vendor-SAP SE
Product-SAP S/4HANA (Bank Account Application)
CWE ID-CWE-862
Missing Authorization
CVE-2023-45002
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.30% / 21.76%
||
7 Day CHG~0.00%
Published-02 Jan, 2025 | 11:59
Updated-28 Apr, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP User Frontend plugin <= 3.6.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8.

Action-Not Available
Vendor-weDevs Pte. Ltd.
Product-WP User Frontend
CWE ID-CWE-862
Missing Authorization
CVE-2026-9616
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.24% / 14.99%
||
7 Day CHG~0.00%
Published-24 Jun, 2026 | 05:33
Updated-25 Jun, 2026 | 13:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Generate Security.txt <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion via delete_securitytxt AJAX Action

The Generate Security.txt plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.12. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete the site's security.txt file from the server filesystem or create the .well-known directory by directly invoking the delete_securitytxt or create_wellknown_folder AJAX actions.

Action-Not Available
Vendor-verenigingvanregistrars
Product-Generate Security.txt
CWE ID-CWE-862
Missing Authorization
CVE-2026-8682
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.23% / 14.01%
||
7 Day CHG~0.00%
Published-28 May, 2026 | 06:45
Updated-28 May, 2026 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
3D Viewer <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Modification via settings REST endpoint

The 3D Viewer – 3D Model Viewer – Augmented Reality – Virtual Try On plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify all plugin settings by writing arbitrary data to the ar_try_on_settings option in the database via the /wp-json/ar_try_on/v1/settings REST endpoint.

Action-Not Available
Vendor-hasanazizul
Product-3D Viewer – 3D Model Viewer – Augmented Reality – Virtual Try On
CWE ID-CWE-862
Missing Authorization
CVE-2026-9676
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-4.3||MEDIUM
EPSS-0.10% / 1.15%
||
7 Day CHG~0.00%
Published-29 Jun, 2026 | 06:00
Updated-29 Jun, 2026 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
f4 Post Tree < 2.0.5 - Subscriber+ Arbitrary Post Parent/Menu Order Modification

The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing authenticated users with Subscriber-level access and above to modify the parent and menu order of arbitrary posts.

Action-Not Available
Vendor-Unknown
Product-F4 Post Tree
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CWE ID-CWE-862
Missing Authorization
CVE-2020-2282
Matching Score-4
Assigner-Jenkins Project
ShareView Details
Matching Score-4
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.66% / 46.89%
||
7 Day CHG~0.00%
Published-23 Sep, 2020 | 13:10
Updated-04 Aug, 2024 | 07:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to configure the plugin.

Action-Not Available
Vendor-Jenkins
Product-implied_labelsJenkins Implied Labels Plugin
CWE ID-CWE-862
Missing Authorization
CVE-2026-8688
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.23% / 13.34%
||
7 Day CHG~0.00%
Published-24 Jun, 2026 | 05:33
Updated-25 Jun, 2026 | 13:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advance Nav Menu Manager <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Nav Menu Item Modification via anmm_save_menu_data AJAX Action

The Advance Nav Menu Manager plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to duplicate, copy, move, or publish nav_menu_item posts via wp_insert_post(), modifying the site's navigation menus without authorization.

Action-Not Available
Vendor-krishaweb
Product-Advance Nav Menu Manager
CWE ID-CWE-862
Missing Authorization
CVE-2026-9050
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 4.87%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 23:28
Updated-02 Jun, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Slider Revolution 6.0.0-6.7.55 and 7.0.0-7.0.14 - Missing Authorization to Authenticated (Contributor+) Arbitrary Plugin Deactivation

The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modification of data. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Contributor-level access and above, to deactivate any active plugin installed on the site.

Action-Not Available
Vendor-Revolution Slider
Product-Slider Revolution
CWE ID-CWE-862
Missing Authorization
CVE-2026-9234
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.20% / 9.78%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 07:48
Updated-02 Jun, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JTL-Connector for WooCommerce <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Settings Modification via Multiple Functions

The JTL-Connector for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.4.1. This is due to missing capability checks and nonce verification on the admin_post_settings_save_woo-jtl-connector action (handled by JtlConnectorAdmin::save()) and on the wp_ajax_downloadJTLLogs and wp_ajax_clearJTLLogs AJAX actions (handled by the global downloadJTLLogs() and clearJTLLogs() functions). This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify arbitrary plugin settings, download a ZIP archive of the connector's developer log files, and delete those log files.

Action-Not Available
Vendor-ntbyk
Product-JTL-Connector for WooCommerce
CWE ID-CWE-862
Missing Authorization
CVE-2026-8692
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.22% / 13.17%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 07:50
Updated-22 May, 2026 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vedrixa Forms <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Structure Modification via wefb_save_form_structure AJAX Action

The Vedrixa Forms – User Registration Form, Signup Form & Drag & Drop Form Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to overwrite the structure of any form — adding, removing, or altering fields — by writing attacker-controlled data to the plugin's FORMS database table. The 'ajax-nonce' nonce used by this handler is injected into the public frontend via wp_localize_script(), so any authenticated user who visits a page containing a form shortcode can obtain it without any elevated access.

Action-Not Available
Vendor-registrationformbuilder
Product-Vedrixa Forms – User Registration Form, Signup Form & Drag & Drop Form Builder
CWE ID-CWE-862
Missing Authorization
CVE-2026-9246
Matching Score-4
Assigner-Devolutions Inc.
ShareView Details
Matching Score-4
Assigner-Devolutions Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 4.76%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 15:26
Updated-22 May, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : * Devolutions Server 2026.1.6.0 through 2026.1.16.0 * Devolutions Server 2025.3.20.0 and earlier

Action-Not Available
Vendor-Devolutions
Product-devolutions_serverServer
CWE ID-CWE-862
Missing Authorization
CVE-2026-8610
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 21.16%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 01:25
Updated-20 May, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TypeSquare Webfonts for ConoHa <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via 'fontThemeUseType' Parameter

The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the plugin's site-wide font settings, including the typesquare_auth option (fontThemeUseType), show_post_form, and typesquare_fonttheme, by submitting a POST request to any wp-admin page. For fontThemeUseType values 1 and 3, no nonce verification is performed either, meaning those branches are additionally exploitable via cross-site request forgery.

Action-Not Available
Vendor-conoha
Product-TypeSquare Webfonts for ConoHa
CWE ID-CWE-862
Missing Authorization
CVE-2026-8614
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.24% / 14.79%
||
7 Day CHG~0.00%
Published-24 Jun, 2026 | 05:33
Updated-25 Jun, 2026 | 13:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Assistio <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion via assistio_plugin_delete_assistio_settings AJAX Action

The Assistio plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the assistio_plugin_delete_assistio_settings() function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin's options including the critical 'assistiobot_oauth_settings' option, which disrupts the plugin's integration with the Assistio bot service.

Action-Not Available
Vendor-assistioai
Product-Assistio
CWE ID-CWE-862
Missing Authorization
CVE-2026-7624
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.30% / 21.35%
||
7 Day CHG~0.00%
Published-06 Jun, 2026 | 03:28
Updated-08 Jun, 2026 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SEO Plugin by Squirrly SEO <= 12.4.16 - Missing Authorization to Authenticated (Contributor+) Privileged Cloud API Operations

The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to invoke privileged state-changing Squirrly cloud API operations, such as revoking the site's Google Search Console and Google Analytics integrations via `api/gsc/revoke` and `api/ga/revoke`, that are otherwise restricted to administrator-level users holding the `sq_manage_settings` capability.

Action-Not Available
Vendor-cifi
Product-SEO Plugin by Squirrly SEO
CWE ID-CWE-862
Missing Authorization
CVE-2025-4339
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.38% / 30.10%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 06:40
Updated-08 Apr, 2026 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TheGem <= 5.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Theme Options Update

The TheGem theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxApi() function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary theme options.

Action-Not Available
Vendor-CodexThemes
Product-TheGem
CWE ID-CWE-862
Missing Authorization
CVE-2026-6709
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.21% / 11.04%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 07:48
Updated-12 May, 2026 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Coinbase Commerce for Contact Form 7 <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) API Key Modification via 'cccf7_api_key' Parameter

The Coinbase Commerce for Contact Form 7 plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.1.2. This is due to a missing capability check and missing nonce verification in the save_settings() function, which is registered on the admin_post_cccf7_save_settings hook. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin's Coinbase Commerce API key option (cccf7_api_key) via a crafted POST request to /wp-admin/admin-post.

Action-Not Available
Vendor-coderpress
Product-Coinbase Commerce for Contact Form 7
CWE ID-CWE-862
Missing Authorization
CVE-2026-7050
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.28% / 20.06%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 07:48
Updated-12 May, 2026 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Forms Rb <= 1.1.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via 'form_id' Parameter

The Forms Rb plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.9. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to read form submission records, modify form configuration options, and delete records belonging to any form they do not own.

Action-Not Available
Vendor-rbplugins
Product-Forms Rb
CWE ID-CWE-862
Missing Authorization
CVE-2026-6883
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-2.6||LOW
EPSS-0.15% / 4.26%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 05:33
Updated-16 May, 2026 | 03:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-862
Missing Authorization
CVE-2026-6393
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 18.59%
||
7 Day CHG~0.00%
Published-24 Apr, 2026 | 03:27
Updated-24 Apr, 2026 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BetterDocs <= 4.3.11 - Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API Usage

The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing capability check in the generate_openai_content_callback() function, which relies solely on a nonce rather than verifying user permissions. This makes it possible for authenticated attackers, with subscriber-level access and above, to trigger OpenAI API calls using the site's configured API key with arbitrary user-controlled prompts, leading to unauthorized consumption of the site owner's paid AI API quota.

Action-Not Available
Vendor-WPDeveloper
Product-BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor
CWE ID-CWE-862
Missing Authorization
CVE-2026-6689
Matching Score-4
Assigner-Mattermost, Inc.
ShareView Details
Matching Score-4
Assigner-Mattermost, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 4.77%
||
7 Day CHG~0.00%
Published-12 Jun, 2026 | 15:51
Updated-18 Jun, 2026 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
*Missing* {{invite_user}} *permission check on team creation allows unprivileged users to set open-invite and allowed-domains team settings*

Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Fail to enforce PermissionInviteUser when setting AllowOpenInvite or AllowedDomains during team creation (the check was only applied on update/patch), which allows an authenticated user holding PermissionCreateTeam but not PermissionInviteUser on the resulting team to configure invite-controlled team settings (make the team publicly joinable via open invite and/or constrain membership via allowed domains) that they are not permitted to set on an existing team via POST /api/v4/teams with allow_open_invite: true and/or a non-empty allowed_domains in the request body.. Mattermost Advisory ID: MMSA-2026-00655

Action-Not Available
Vendor-Mattermost, Inc.
Product-mattermost_serverMattermost
CWE ID-CWE-862
Missing Authorization
CVE-2026-6703
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.23% / 13.79%
||
7 Day CHG~0.00%
Published-21 Apr, 2026 | 06:43
Updated-22 Apr, 2026 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Responsive Blocks <= 2.2.1 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via AJAX Actions

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to modify global site-wide plugin configuration options, including toggling custom CSS, disabling blocks, changing layout defaults such as content width, container padding, and container gap, and altering auto-block-recovery behavior.

Action-Not Available
Vendor-CyberChimps Inc.
Product-Responsive Blocks – Page Builder for Blocks & Patterns
CWE ID-CWE-862
Missing Authorization
CVE-2026-7249
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.25% / 15.95%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 03:39
Updated-22 May, 2026 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Location Weather <= 3.0.2 - Missing Authorization to Authenticated (Contributor+) Block Settings Modification and Cache Purging

The Location Weather plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the `splw_update_block_options()` and `lwp_clean_weather_transients()` functions in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to disable all weather blocks and purge all weather cache transients. The nonce required for these actions is exposed to all authenticated users via `wp_localize_script()` on the `init` hook.

Action-Not Available
Vendor-shapedplugin
Product-Location Weather – WordPress Weather Forecast, AQI, Temperature and Weather Widget
CWE ID-CWE-862
Missing Authorization
CVE-2026-6441
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.28% / 19.98%
||
7 Day CHG~0.00%
Published-17 Apr, 2026 | 06:44
Updated-22 Apr, 2026 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Canto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting Modification

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions() function, which is exposed via two AJAX hooks: wp_ajax_updateOptions (class-canto.php line 231) and wp_ajax_fbc_updateOptions (class-canto-settings.php line 76). Both hooks are registered exclusively under the wp_ajax_ prefix (requiring only a logged-in user), with no call to current_user_can() or check_ajax_referer(). This makes it possible for authenticated attackers with subscriber-level access and above to arbitrarily modify or delete plugin options controlling cron scheduling behavior (fbc_duplicates, fbc_cron, fbc_schedule, fbc_cron_time_day, fbc_cron_time_hour, fbc_cron_start) and to manipulate or clear the plugin's scheduled WordPress cron event (fbc_scheduled_update).

Action-Not Available
Vendor-flightbycanto
Product-Canto
CWE ID-CWE-862
Missing Authorization
CVE-2026-9619
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.31% / 22.43%
||
7 Day CHG~0.00%
Published-24 Jun, 2026 | 05:33
Updated-25 Jun, 2026 | 13:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reviews and Rating <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via sync_reviews AJAX Action

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to trigger outbound scraping of external websites and write scraped review data into the wp_dp_reviews database table, as well as send feature-request emails from the site administrator's email address.

Action-Not Available
Vendor-berfect
Product-Reviews and Rating – Docplanner
CWE ID-CWE-862
Missing Authorization
CVE-2024-43296
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.39% / 31.24%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress HTML5 Video Player plugin <= 2.5.30 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Video allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flash & HTML5 Video: from n/a through 2.5.30.

Action-Not Available
Vendor-bpluginsbPlugins LLC
Product-html5_video_playerFlash & HTML5 Video
CWE ID-CWE-862
Missing Authorization
CVE-2026-57430
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.18% / 8.29%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 14:53
Updated-26 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress SEOPress PRO plugin <= 9.1.1 - Broken Access Control vulnerability

Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions.

Action-Not Available
Vendor-SEOPress Free
Product-SEOPress PRO
CWE ID-CWE-862
Missing Authorization
CVE-2026-57648
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 4.75%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 14:53
Updated-29 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Nelio Content plugin <= 4.3.4 - Broken Access Control vulnerability

Contributor Broken Access Control in Nelio Content <= 4.3.4 versions.

Action-Not Available
Vendor-Nelio Software
Product-Nelio Content
CWE ID-CWE-862
Missing Authorization
CVE-2023-5506
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-5.4||MEDIUM
EPSS-0.40% / 32.29%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 11:01
Updated-08 Apr, 2026 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMapper <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page/Post Deletion via imgmap_delete_area_ajax

The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts and pages.

Action-Not Available
Vendor-imagemapper_projectspikefinned
Product-imagemapperImageMapper
CWE ID-CWE-862
Missing Authorization
CVE-2023-44234
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.28% / 19.49%
||
7 Day CHG~0.00%
Published-12 Jun, 2024 | 09:47
Updated-28 Apr, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP GPX Maps plugin <= 1.7.08 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through 1.7.08.

Action-Not Available
Vendor-devfarmBastianon Massimo
Product-wp_gpx_mapsWP GPX Map
CWE ID-CWE-862
Missing Authorization
CVE-2026-53634
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.21% / 11.62%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 20:03
Updated-11 Jun, 2026 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sharp: Missing Authorization Check in Quick Creation Command Endpoints

Sharp is a content management framework built for Laravel as a package. From version 9.0.0 to before version 9.22.3, the create and store endpoints of the Quick Creation Command feature did not enforce any authorization check. An authenticated Sharp user without create permission on a given entity could bypass the authorization layer and either retrieve the creation form or submit new records for that entity, as long as it had a Quick Creation Command handler configured. This issue has been patched in version 9.22.3.

Action-Not Available
Vendor-code16
Product-sharp
CWE ID-CWE-862
Missing Authorization
CVE-2026-8976
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 20.77%
||
7 Day CHG~0.00%
Published-05 Jun, 2026 | 23:28
Updated-08 Jun, 2026 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RSS Aggregator by Feedzy <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure via Multiple AJAX Sub-Actions

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.1.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to create and execute RSS import jobs, purge (force-delete) all posts associated with any import job, clear import error logs, and enumerate taxonomy terms and post meta_key names. The nonce required to reach these sub-handlers is leaked to any user with the edit_posts capability via the feedzyjs localized script injected into the block editor, meaning no privileged nonce theft or separate exploit step is required for Contributor-level users.

Action-Not Available
Vendor-Themeisle
Product-RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator
CWE ID-CWE-862
Missing Authorization
CVE-2025-4202
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.24% / 14.68%
||
7 Day CHG~0.00%
Published-16 May, 2026 | 12:30
Updated-18 May, 2026 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multicollab: Content Team Collaboration and Editorial Workflow <= 5.2 - Missing Authorization to Authenticated (Subscriber+) Collaboration Comment

The Multicollab: Content Team Collaboration and Editorial Workflow plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf_add_comment' function in all versions up to, and including, 5.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to add comments to arbitrary collaborations.

Action-Not Available
Vendor-multicollab
Product-Multicollab: Content Team Collaboration and Editorial Workflow
CWE ID-CWE-862
Missing Authorization
CVE-2026-5296
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.20% / 9.48%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 17:55
Updated-27 May, 2026 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that when foundational flows were enabled at the group level, could have allowed an authenticated user with developer-role permissions to bypass flow restrictions under certain conditions.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-862
Missing Authorization
CVE-2025-42960
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.19% / 8.81%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 00:35
Updated-08 Jul, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA BEx Tools

SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries.�It has no impact on the confidentiality and availability of the application.

Action-Not Available
Vendor-SAP SE
Product-SAP Business Warehouse and SAP BW/4HANA BEx Tools
CWE ID-CWE-862
Missing Authorization
CVE-2026-48811
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 5.06%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 19:47
Updated-01 Jun, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeScout: Thread Deletion Bypasses Mailbox Access Revocation

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permanently delete an internal note (private thread) from any conversation, even after that user's access to the mailbox containing the conversation has been revoked. The ThreadPolicy::delete authorization policy does not verify mailbox membership, so a former team member retains destructive write access to notes they created. This vulnerability is fixed in 1.8.221.

Action-Not Available
Vendor-freescout-help-desk
Product-freescout
CWE ID-CWE-862
Missing Authorization
CVE-2026-48973
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.20% / 9.98%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 14:28
Updated-27 May, 2026 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress SVG Support plugin <= 2.5.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in Benbodhi SVG Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SVG Support: from n/a through 2.5.14.

Action-Not Available
Vendor-Benbodhi
Product-SVG Support
CWE ID-CWE-862
Missing Authorization
CVE-2026-4843
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.19% / 9.09%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 19:29
Updated-22 May, 2026 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GSheet For Woo Importer <= 2.3.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Reset

The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and including, 2.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin's Google Sheets API token and configuration options.

Action-Not Available
Vendor-mrdollar4444
Product-GSheet For Woo Importer
CWE ID-CWE-862
Missing Authorization
CVE-2026-49052
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 4.76%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 14:55
Updated-27 May, 2026 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress ElementsKit Elementor addons Lite plugin <= 3.9.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wpmet ElementsKit Elementor addons Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ElementsKit Elementor addons Lite: from n/a through 3.9.6.

Action-Not Available
Vendor-Wpmet
Product-ElementsKit Elementor addons Lite
CWE ID-CWE-862
Missing Authorization
CVE-2026-9015
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.30% / 21.75%
||
7 Day CHG~0.00%
Published-28 May, 2026 | 07:43
Updated-28 May, 2026 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Equalize Digital Accessibility Checker <= 1.42.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Accessibility Issue Modification via edac_insert_ignore_data AJAX Action

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the ignore state, ignore reason, and ignore comment of arbitrary accessibility issues across the entire site — including mass modification of all rows sharing an 'object' identifier when largeBatch=true is supplied — corrupting accessibility audit integrity by hiding or dismissing findings outside their authorization scope.

Action-Not Available
Vendor-equalizedigital
Product-Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance
CWE ID-CWE-862
Missing Authorization
CVE-2025-26367
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 19.28%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:29
Updated-10 Apr, 2025 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to create arbitrary user groups via crafted HTTP requests.

Action-Not Available
Vendor-Q-Free
Product-maxtimeMaxTime
CWE ID-CWE-862
Missing Authorization
CVE-2026-7621
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.25% / 16.24%
||
7 Day CHG~0.00%
Published-28 May, 2026 | 06:45
Updated-28 May, 2026 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to truncate all SMTP2GO log records from the database or download a CSV export of all SMTP log data including recipient addresses, sender addresses, message subjects, and API response data.

Action-Not Available
Vendor-smtp2go
Product-SMTP2GO for WordPress – Email Made Easy
CWE ID-CWE-862
Missing Authorization
CVE-2026-4888
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 19.29%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 23:26
Updated-28 May, 2026 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder <= 3.4.7 - Missing Authorization to Authenticated (Subscriber+) Email Sending

The Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the send_test_email() function in all versions up to, and including, 3.4.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to send test emails to arbitrary addresses from the server.

Action-Not Available
Vendor-wpeverest
Product-Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder
CWE ID-CWE-862
Missing Authorization
CVE-2025-39413
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.32% / 23.66%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 17:18
Updated-28 Apr, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Simple Sitemap – Create a Responsive HTML Sitemap plugin <= 3.6.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap simple-sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through <= 3.6.0.

Action-Not Available
Vendor-wpgopluginsDavid Gwyer
Product-simple_sitemapSimple Sitemap – Create a Responsive HTML Sitemap
CWE ID-CWE-862
Missing Authorization
CVE-2026-7563
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 17.91%
||
7 Day CHG~0.00%
Published-15 May, 2026 | 08:27
Updated-15 May, 2026 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Classified Listing <= 5.3.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via add_order_note and send_email_to_user_by_moderator AJAX Actions

The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 5.3.10. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to add arbitrary notes to any order and trigger unsolicited notification and moderation emails to listing owners without administrative authorization.

Action-Not Available
Vendor-techlabpro1
Product-Classified Listing – AI-Powered Classified ads & Business Directory Plugin
CWE ID-CWE-862
Missing Authorization
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 26
  • 27
  • Next
Details not found