Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Network-reachable endpoint requires only a subscriber account (PR:L); missing authorization yields read-only data access (C:L), no integrity or availability impact.
Primary rating from Vendor (patchstack).
CVSS VectorVendor: patchstack
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
Subscriber Broken Access Control in WPCafe <= 3.0.14 versions.
AnalysisAI
Broken access control in the WPCafe WordPress plugin (versions 3.0.14 and earlier) allows authenticated subscriber-level users to access restricted functionality or data without proper authorization checks. The flaw stems from missing authorization (CWE-862) on one or more plugin endpoints, permitting low-privileged WordPress accounts to bypass intended access restrictions. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to hold a valid WordPress subscriber-level account (or higher) on the target site - this is confirmed by the CVSS PR:L metric. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD CVSS score of 4.3 (Medium) is consistent with a read-only, authenticated access control bypass. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A threat actor registers a free subscriber account on a WordPress site running WPCafe 3.0.14 or earlier (or uses an existing low-privilege account). The attacker then sends a crafted authenticated HTTP request to the vulnerable plugin endpoint - such as an AJAX action or REST route - that lacks a capability check, gaining access to restricted order data, configuration, or administrative functions intended only for higher-privileged roles. … |
| Remediation | The primary remediation is to update the WPCafe plugin to a version beyond 3.0.14 as soon as a patched release is confirmed available; refer to the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/wp-cafe/vulnerability/wordpress-wpcafe-plugin-3-0-14-broken-access-control-vulnerability for the confirmed fixed version. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39742
GHSA-g4pp-jwh8-2p64