CVE-2026-25402 WordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerability

🗓️ 19 Feb 2026 08:27:04Reported by PatchstackType

CVE-2026-25402: WordPress knowledge base plugin has broken access control and missing authorization up to 16.011.0.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-25402	19 Feb 202608:27	–	attackerkb
CNNVD	WordPress plugin Knowledge Base for Documentation, FAQs with AI Assistance 安全漏洞	19 Feb 202600:00	–	cnnvd
CVE	CVE-2026-25402	19 Feb 202608:27	–	cve
NVD	CVE-2026-25402	19 Feb 202609:16	–	nvd
Patchstack	WordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerability	29 Jan 202617:35	–	patchstack
Positive Technologies	PT-2026-20730	19 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-25402	20 Feb 202613:27	–	redhatcve
Vulnrichment	CVE-2026-25402 WordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerability	19 Feb 202608:27	–	vulnrichment

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "echo-knowledge-base",
    "product": "Knowledge Base for Documentation, FAQs with AI Assistance",
    "vendor": "echoplugins",
    "versions": [
      {
        "changes": [
          {
            "at": "16.20.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "16.011.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/Wordpress/Plugin/echo-knowledge-base/vulnerability/wordpress-knowledge-base-for-documentation-faqs-with-ai-assistance-plugin-16-011-0-broken-access-control-vulnerability

28 Apr 2026 16:14Current

CVSS 3.14.3

EPSS0.00185

CWE-862