Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.35.
AnalysisAI
WPSchoolPress plugin through version 2.2.35 allows authenticated high-privilege users to bypass authorization controls and access sensitive information they should not be able to view due to incorrectly configured access control security levels. The CVSS score of 4.9 reflects the confidentiality impact limited to authenticated high-privilege attackers with no integrity or availability risk, though the EPSS score of 0.02% suggests exploitation in real-world scenarios remains minimal at time of analysis. No public exploit code or active exploitation has been identified.
Technical ContextAI
WPSchoolPress is a WordPress plugin managing educational institution operations. The vulnerability stems from CWE-862 (Missing Authorization), a failure to implement proper access control mechanisms that verify whether an authenticated user has permission to perform requested actions. In this case, the plugin implements security levels (roles/capabilities) but does not consistently enforce them across all functional endpoints, allowing users with elevated privileges to query or access data restricted by those security levels. The CPE identifier cpe:2.3:a:ronik@unlimitedwp:wpschoolpress:*:*:*:*:*:*:*:* indicates all versions of the plugin are potentially affected.
RemediationAI
Update WPSchoolPress to a version later than 2.2.35 released by Ronik@UnlimitedWP. Users should navigate to their WordPress plugin dashboard, locate WPSchoolPress, and apply the latest available update. As an interim control pending patching, administrators should audit role-based access controls and restrict high-privilege accounts to only necessary users, verify that user permission checks are consistently applied across all plugin modules, and monitor WordPress user activity logs for unauthorized data access attempts. See Patchstack database entry (https://patchstack.com/database/Wordpress/Plugin/wpschoolpress/vulnerability/wordpress-wpschoolpress-plugin-2-2-35-broken-access-control-vulnerability?_s_id=cve) for patch availability confirmation and NVD advisory (https://nvd.nist.gov/vuln/detail/CVE-2026-39631) for additional technical details.
More in Wpschoolpress
View allThe School Management System WordPress plugin before 2.2.5 uses the WordPress esc_sql() function on a field not delimite
The School Management System - WPSchoolPress WordPress plugin before 2.1.10 does not properly sanitize or use prepared s
The School Management System - WPSchoolPress plugin for WordPress is vulnerable to privilege escalation via account take
The School Management System - WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_fie
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-20282
GHSA-4qx4-3c96-wjpr