Skip to main content

Bizreview

1 CVEs product

Monthly

CVE-2026-39606 MEDIUM This Month

Missing authorization in Foysal Imran BizReview WordPress plugin versions up to 1.5.13 allows unauthenticated remote attackers to modify data via incorrectly configured access control, bypassing intended permission restrictions. The CVSS score of 5.3 reflects low integrity impact with no confidentiality or availability compromise. EPSS probability is extremely low at 0.02%, and no public exploit code or active exploitation has been identified, suggesting this is a configuration-level authorization flaw rather than a critical remote code execution vulnerability.

Authentication Bypass Bizreview
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Missing authorization in Foysal Imran BizReview WordPress plugin versions up to 1.5.13 allows unauthenticated remote attackers to modify data via incorrectly configured access control, bypassing intended permission restrictions. The CVSS score of 5.3 reflects low integrity impact with no confidentiality or availability compromise. EPSS probability is extremely low at 0.02%, and no public exploit code or active exploitation has been identified, suggesting this is a configuration-level authorization flaw rather than a critical remote code execution vulnerability.

Authentication Bypass Bizreview
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy