5.4
CVE-2026-57646
- EPSS -
- Veröffentlicht 26.06.2026 14:53:19
- Zuletzt bearbeitet 26.06.2026 16:16:35
- Quelle audit@patchstack.com
- CVE-Watchlists
- Unerledigt
WordPress Majestic Support plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability
Subscriber Insecure Direct Object References (IDOR) in Majestic Support <= 1.1.7 versions.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMajestic Support
≫
Produkt
Majestic Support
Default Statusunaffected
Version <=
1.1.7
Version
n/a
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| audit@patchstack.com | 5.4 | 2.8 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
|
CWE-639 Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
https://patchstack.com/database/wordpress/plugin/majestic-support/vulnerability/wordpress-majestic-support-plugin-1-1-7-insecure-direct-object-references-idor-vulnerability?_s_id=cve