Skip to main content

Atarim EUVDEUVD-2026-11993

| CVE-2026-32447 MEDIUM
Missing Authorization (CWE-862)
2026-03-13 Patchstack
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 13, 2026 - 16:57 euvd
EUVD-2026-11993
Analysis Generated
Mar 13, 2026 - 16:57 vuln.today
CVE Published
Mar 13, 2026 - 11:42 nvd
MEDIUM 4.3

DescriptionCVE.org

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through <= 4.3.2.

AnalysisAI

Atarim visual collaboration through version 4.3.2 contains an authorization bypass vulnerability that allows authenticated users to modify data they should not have access to due to incorrectly configured access controls. An attacker with valid credentials can exploit this misconfiguration to perform unauthorized modifications within the application. No patch is currently available for this vulnerability.

Technical ContextAI

This vulnerability is classified under CWE-862 (Missing Authorization), which represents a failure to properly enforce authorization policies after authentication has occurred. The Atarim visual collaboration plugin (CPE identifier: cpe:2.3:a:vito_peleg:atarim-visual-collaboration) operates as a WordPress or content collaboration extension that manages access control to collaborative editing features and shared resources. The root cause stems from incorrect configuration or implementation of role-based access control (RBAC) mechanisms that fail to validate user permissions before allowing modification operations, allowing authenticated users to escalate their implicit permissions beyond their assigned security level.

RemediationAI

Immediately upgrade Atarim visual collaboration to version 4.3.3 or later when available, as this is the primary remediation path. Until patches are deployed, enforce strict role-based access control by auditing and restricting user permissions within Atarim settings, disabling collaborative editing for lower-privilege users, and limiting access to sensitive shared resources to only administrators or trusted power users. Implement network-level access controls to restrict Atarim plugin access to authenticated, internal networks only, and enable comprehensive audit logging to detect unauthorized modification attempts. Review audit logs for any suspicious permission escalation or unauthorized modifications performed by low-privilege accounts.

Share

EUVD-2026-11993 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy