Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
PR:L confirmed by 'Subscriber' in title; C:L only as no integrity or availability impact is described; AV:N and AC:L per network-accessible WordPress AJAX pattern.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
Subscriber Broken Access Control in Flatsome <= 3.20.5 versions.
AnalysisAI
Broken access control in Flatsome WordPress theme versions 3.20.5 and earlier allows authenticated subscriber-level users to access restricted resources or perform actions beyond their intended authorization. The flaw stems from missing authorization checks (CWE-862) on one or more endpoints or actions within the theme, enabling low-privilege WordPress users to retrieve information they should not be permitted to view. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated WordPress session at subscriber privilege level or higher - this is the critical limiting condition. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD CVSS score of 4.3 (Medium) accurately reflects a meaningful but not critical risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers or already holds a subscriber account on a WooCommerce-enabled site running Flatsome 3.20.5 or earlier - a common scenario on any store with customer self-registration. The attacker then sends a crafted authenticated HTTP request to a theme-specific endpoint or AJAX action that lacks proper capability checks, retrieving restricted data such as order details, theme configuration, or user information. … |
| Remediation | Update the Flatsome theme to a version released after 3.20.5, which should contain the authorization fix per Patchstack's disclosure at https://patchstack.com/database/wordpress/theme/flatsome/vulnerability/wordpress-flatsome-theme-3-20-5-broken-access-control-vulnerability?_s_id=cve. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Deserialization of Untrusted Data vulnerability in UX-themes Flatsome | Multi-Purpose Responsive WooCommerce Theme.17.5.
Broken access control in the UX-Themes Flatsome WordPress theme (versions up to and including 3.20.5) allows remote unau
Reflected cross-site scripting in the UX-themes Flatsome WordPress/WooCommerce theme (all versions up to and including 3
Broken access control in the Flatsome WordPress theme (versions <= 3.20.5) allows contributor-level authenticated users
The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the UX Countdown, Video Button, UX Vid
Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low at
Insufficient authorization controls in Flatsome theme versions 3.19.6 and earlier allow unauthenticated remote attackers
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41300
GHSA-5wj4-4cxx-q463