Skip to main content

Cf7 Wow Styler

1 CVEs product

Monthly

CVE-2026-27393 MEDIUM This Month

Missing authorization in the CF7 WOW Styler WordPress plugin (versions through 1.7.6) permits unauthenticated remote attackers to perform restricted administrative actions due to absent capability checks on one or more plugin endpoints. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms exploitation requires no credentials and no user interaction, making it trivially reachable on any publicly exposed WordPress site running the affected plugin. Impact is limited to low-integrity writes (C:N/I:L/A:N), but no public exploit or CISA KEV entry has been identified at time of analysis.

Authentication Bypass Cf7 Wow Styler
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Missing authorization in the CF7 WOW Styler WordPress plugin (versions through 1.7.6) permits unauthenticated remote attackers to perform restricted administrative actions due to absent capability checks on one or more plugin endpoints. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms exploitation requires no credentials and no user interaction, making it trivially reachable on any publicly exposed WordPress site running the affected plugin. Impact is limited to low-integrity writes (C:N/I:L/A:N), but no public exploit or CISA KEV entry has been identified at time of analysis.

Authentication Bypass Cf7 Wow Styler
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy