CVE Catalog

CVE-2026-57430

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Summary

The SEOPress PRO plugin version 9.1.1 and earlier contains a vulnerability related to broken access control for contributors. A user with the contributor role can gain unauthorized access to functions that should be restricted.

Risk Assessment

The risk involves potential privilege escalation by contributors, which may lead to unauthorized changes in SEO configuration or access to sensitive data.

Recommendation

It is recommended to immediately update the SEOPress PRO plugin to a version newer than 9.1.1, which includes a fix for this vulnerability.

Original NVD description (English source)

Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS