CVE Catalog

CVE-2026-57353

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

The Link Whisper Premium plugin version 2.9.0 and earlier contains a broken access control vulnerability for subscribers. This allows users with the subscriber role to perform operations they should not be authorized for.

Risk Assessment

The organization is at risk of unauthorized access to administrative plugin functions, potentially leading to data leakage or content manipulation.

Recommendation

Immediately update the Link Whisper Premium plugin to the latest available version that fixes this vulnerability.

Original NVD description (English source)

Subscriber Broken Access Control in Link Whisper Premium <= 2.9.0 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS