Skip to main content

Kuteshop

1 CVEs product

Monthly

CVE-2026-39612 MEDIUM This Month

Incorrectly configured access control in kutethemes KuteShop theme versions up to 4.2.9 allows unauthenticated remote attackers to modify data via missing authorization checks on sensitive operations. The vulnerability enables exploitation of insufficient access control mechanisms without authentication, though with limited impact confined to data integrity rather than confidentiality or availability.

Authentication Bypass Kuteshop
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Incorrectly configured access control in kutethemes KuteShop theme versions up to 4.2.9 allows unauthenticated remote attackers to modify data via missing authorization checks on sensitive operations. The vulnerability enables exploitation of insufficient access control mechanisms without authentication, though with limited impact confined to data integrity rather than confidentiality or availability.

Authentication Bypass Kuteshop
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy