Miraculous
Monthly
A Missing Authorization vulnerability (CWE-862) exists in the Miraculous theme by kamleshyadav, affecting versions prior to 2.1.2, that allows attackers to bypass access control security levels through incorrectly configured authorization mechanisms. An attacker can exploit this flaw to access restricted functionality or resources that should require proper authentication and authorization checks. While no CVSS score, EPSS data, or KEV status has been publicly assigned, the vulnerability has been documented by Patchstack and carries authentication bypass implications that warrant timely patching.
A Missing Authorization vulnerability (CWE-862) exists in the Miraculous theme by kamleshyadav, affecting versions prior to 2.1.2, that allows attackers to bypass access control security levels through incorrectly configured authorization mechanisms. An attacker can exploit this flaw to access restricted functionality or resources that should require proper authentication and authorization checks. While no CVSS score, EPSS data, or KEV status has been publicly assigned, the vulnerability has been documented by Patchstack and carries authentication bypass implications that warrant timely patching.