Skip to main content

Edumall

1 CVEs product

Monthly

CVE-2026-57797 MEDIUM This Month

Broken access control in ThemeMove's EduMall WordPress theme (versions through 4.5.1) permits authenticated low-privileged users to invoke restricted functionality without proper authorization checks. An attacker with any valid WordPress account can bypass the intended access control tiers and trigger actions that degrade site availability. No public exploit code or active exploitation has been identified at time of analysis, and the CVSS score of 4.3 reflects a contained, low-severity impact limited to availability.

Authentication Bypass Edumall
NVD
CVSS 3.1
4.3
EPSS
0.3%
EPSS 0% CVSS 4.3
MEDIUM This Month

Broken access control in ThemeMove's EduMall WordPress theme (versions through 4.5.1) permits authenticated low-privileged users to invoke restricted functionality without proper authorization checks. An attacker with any valid WordPress account can bypass the intended access control tiers and trigger actions that degrade site availability. No public exploit code or active exploitation has been identified at time of analysis, and the CVSS score of 4.3 reflects a contained, low-severity impact limited to availability.

Authentication Bypass Edumall
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy