CVE-2026-42753
HighSummary
CVE-2026-42753 describes a missing authorization vulnerability in the WC Lovers WCFM Membership plugin, allowing exploitation of incorrectly configured access control security levels. This issue affects WCFM Membership from n/a through version 2.11.10.
Risk Assessment
The lack of proper authorization may lead to unauthorized access to resources, posing a serious threat to the organization's data security.
Recommendation
It is recommended to update the WCFM Membership plugin to the latest version to mitigate this vulnerability and conduct an access configuration audit.
Original NVD description (English source)
Missing Authorization vulnerability in WC Lovers WCFM Membership wc-multivendor-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Membership: from n/a through <= 2.11.10.

