Skip to main content

WPCafe CVE-2026-57622

| EUVDEUVD-2026-39742 MEDIUM
Missing Authorization (CWE-862)
2026-06-26 audit@patchstack.com GHSA-g4pp-jwh8-2p64
4.3
CVSS 3.1 · Vendor: patchstack
Share

Severity by source

Vendor (patchstack) PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
vuln.today AI
4.3 MEDIUM

Network-reachable endpoint requires only a subscriber account (PR:L); missing authorization yields read-only data access (C:L), no integrity or availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (patchstack).

CVSS VectorVendor: patchstack

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 26, 2026 - 16:15 vuln.today

DescriptionCVE.org

Subscriber Broken Access Control in WPCafe <= 3.0.14 versions.

AnalysisAI

Broken access control in the WPCafe WordPress plugin (versions 3.0.14 and earlier) allows authenticated subscriber-level users to access restricted functionality or data without proper authorization checks. The flaw stems from missing authorization (CWE-862) on one or more plugin endpoints, permitting low-privileged WordPress accounts to bypass intended access restrictions. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Register or obtain subscriber account
Delivery
Authenticate to WordPress site
Exploit
Send crafted request to unprotected WPCafe endpoint
Execution
Bypass authorization check
Impact
Read restricted data

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to hold a valid WordPress subscriber-level account (or higher) on the target site - this is confirmed by the CVSS PR:L metric. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The NVD CVSS score of 4.3 (Medium) is consistent with a read-only, authenticated access control bypass. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A threat actor registers a free subscriber account on a WordPress site running WPCafe 3.0.14 or earlier (or uses an existing low-privilege account). The attacker then sends a crafted authenticated HTTP request to the vulnerable plugin endpoint - such as an AJAX action or REST route - that lacks a capability check, gaining access to restricted order data, configuration, or administrative functions intended only for higher-privileged roles. …
Remediation The primary remediation is to update the WPCafe plugin to a version beyond 3.0.14 as soon as a patched release is confirmed available; refer to the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/wp-cafe/vulnerability/wordpress-wpcafe-plugin-3-0-14-broken-access-control-vulnerability for the confirmed fixed version. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57622 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy