Skip to main content

WPComplete EUVDEUVD-2026-39666

| CVE-2026-57661 MEDIUM
Missing Authorization (CWE-862)
2026-06-26 audit@patchstack.com GHSA-cf3c-69c8-pp4q
5.4
CVSS 3.1 · Vendor: patchstack
Share

Severity by source

Vendor (patchstack) PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
vuln.today AI
5.4 MEDIUM

Subscriber authentication required (PR:L); network-accessible with no complexity; no confidentiality impact per described access control bypass scope.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (patchstack).

CVSS VectorVendor: patchstack

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jun 26, 2026 - 16:08 vuln.today

DescriptionCVE.org

Subscriber Broken Access Control in WPComplete <= 2.9.5.5 versions.

AnalysisAI

Broken access control in WPComplete WordPress plugin versions up to and including 2.9.5.5 allows authenticated subscribers to perform actions reserved for higher-privileged roles. The flaw stems from missing authorization checks (CWE-862), enabling low-privileged WordPress users to bypass access restrictions on plugin functionality. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Register or obtain subscriber WordPress account
Delivery
Authenticate to target site
Exploit
Send crafted request to unprotected WPComplete endpoint
Execution
Bypass missing authorization check
Impact
Modify course completion data or trigger restricted plugin action

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid WordPress subscriber-level account on the target site. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The NVD CVSS score of 5.4 (Medium) reflects a constrained impact profile: no confidentiality breach (C:N), limited integrity modification (I:L), and limited availability disruption (A:L). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker registers a free subscriber account on a WordPress site running WPComplete ≤ 2.9.5.5. Using the subscriber session token, they send crafted requests to unprotected plugin endpoints - bypassing role checks - to mark course content as complete, reset other users' progress, or trigger restricted administrative functions within the plugin. …
Remediation No vendor-released patch version is identified at time of analysis based on available data - the EUVD affected version field lists no fixed release. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-39666 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy