cleantalk
Vulnerabilities and Security Researches

Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors, CVE-2026-25330

CVE, Research URL

CVE-2026-25330

Home page URL

Security reports for Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors

Application

Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors

Published on
Feb 19, 2026
Research Description
Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through <= 4.10.1.
Affected versions
max 4.10.1.
Status
vulnerable
Previous vulnerability researches
CRM and Lead Management by vcita (CVE-2025-5240) , Jul 23, 2025
CRM and Lead Management by vcita (CVE-2024-13702) , Mar 27, 2025
CRM and Lead Management by vcita (CVE-2024-13703) , Mar 14, 2025
CRM and Lead Management by vcita (CVE-2023-2405) , Jun 07, 2024
CRM and Lead Management by vcita (CVE-2023-2404) , Jun 07, 2024
New vulnerability
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) (CVE-2025-14274) , Feb 27, 2026
CTX Feed – WooCommerce Product Feed Manager Plugin (CVE-2025-12975) , Feb 27, 2026
CTX Feed – WooCommerce Product Feed Manager Plugin (CVE-2026-22461) , Feb 27, 2026
Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors (CVE-2026-25330) , Feb 27, 2026
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode (CVE-2026-27368) , Feb 27, 2026