Skip to main content

Rapid Car Check Vehicle Data

1 CVEs product

Monthly

CVE-2026-39687 MEDIUM This Month

Rapid Car Check Vehicle Data WordPress plugin versions through 2.0 fails to properly enforce access controls on vehicle data endpoints, allowing unauthenticated remote attackers to modify or access vehicle records through misconfigured authorization checks. The CVSS score of 5.3 reflects limited direct impact (integrity only, no confidentiality or availability breach), but the zero-authentication requirement (PR:N/UI:N) combined with EPSS score of 0.02% and lack of evidence of active exploitation suggest this is a low-priority vulnerability despite network accessibility.

Authentication Bypass Rapid Car Check Vehicle Data
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Rapid Car Check Vehicle Data WordPress plugin versions through 2.0 fails to properly enforce access controls on vehicle data endpoints, allowing unauthenticated remote attackers to modify or access vehicle records through misconfigured authorization checks. The CVSS score of 5.3 reflects limited direct impact (integrity only, no confidentiality or availability breach), but the zero-authentication requirement (PR:N/UI:N) combined with EPSS score of 0.02% and lack of evidence of active exploitation suggest this is a low-priority vulnerability despite network accessibility.

Authentication Bypass Rapid Car Check Vehicle Data
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy