cleantalk
Vulnerabilities and Security Researches

WpStream – Live Streaming, Video on Demand, Pay Per View, CVE-2026-39526

CVE, Research URL

CVE-2026-39526

Home page URL

Security reports for WpStream – Live Streaming, Video on Demand, Pay Per View

Application

WpStream – Live Streaming, Video on Demand, Pay Per View

Published on
Apr 08, 2026
Research Description
Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through < 4.11.2.
Affected versions
max 4.11.2.
Status
vulnerable
Previous vulnerability researches
WpStream &#8211; Live Streaming, Video on Demand, Pay Per View (CVE-2023-27458) , Jun 06, 2024
WpStream &#8211; Live Streaming, Video on Demand, Pay Per View (CVE-2023-38512) , Jun 06, 2024
WpStream &#8211; Live Streaming, Video on Demand, Pay Per View (CVE-2025-68522) , Jan 11, 2026
WpStream &#8211; Live Streaming, Video on Demand, Pay Per View (CVE-2026-39527) , Apr 21, 2026
WpStream &#8211; Live Streaming, Video on Demand, Pay Per View (CVE-2025-68521) , Jan 11, 2026
New vulnerability
wpForo Forum (CVE-2026-6248) , Apr 22, 2026
Email Encoder &#8211; Protect Email Addresses and Phone Numbers (CVE-2024-7083) , Apr 21, 2026
WpStream &#8211; Live Streaming, Video on Demand, Pay Per View (CVE-2026-39527) , Apr 21, 2026
Page Builder Gutenberg Blocks – CoBlocks (CVE-2026-4801) , Apr 20, 2026
Categories Images (CVE-2026-2505) , Apr 20, 2026