CVE Catalog
CVE-2026-57353
MediumCVSS 6.5Summary
The Link Whisper Premium plugin version 2.9.0 and earlier contains a broken access control vulnerability for subscribers. This allows users with the subscriber role to perform operations they should not be authorized for.
Risk Assessment
The organization is at risk of unauthorized access to administrative plugin functions, potentially leading to data leakage or content manipulation.
Recommendation
Immediately update the Link Whisper Premium plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Subscriber Broken Access Control in Link Whisper Premium <= 2.9.0 versions.

