Skip to main content

Nm Gift Registry And Wishlist Lite

1 CVEs product

Monthly

CVE-2026-39588 MEDIUM This Month

NM Gift Registry and Wishlist Lite WordPress plugin versions up to 5.13 allows unauthenticated remote attackers to modify data through missing authorization checks on access control settings. The vulnerability stems from incorrectly configured authorization levels that fail to validate user permissions before processing requests, enabling attackers to bypass authentication mechanisms and alter registry or wishlist information without proper credentials. EPSS score of 0.02% indicates minimal real-world exploitation probability despite the low attack complexity.

Authentication Bypass Nm Gift Registry And Wishlist Lite
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

NM Gift Registry and Wishlist Lite WordPress plugin versions up to 5.13 allows unauthenticated remote attackers to modify data through missing authorization checks on access control settings. The vulnerability stems from incorrectly configured authorization levels that fail to validate user permissions before processing requests, enabling attackers to bypass authentication mechanisms and alter registry or wishlist information without proper credentials. EPSS score of 0.02% indicates minimal real-world exploitation probability despite the low attack complexity.

Authentication Bypass Nm Gift Registry And Wishlist Lite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy