2 matches found
CVE-2026-10753 Site Kit by Google < 1.176.0 - Editor+ Email Reporting Settings Update
The Site Kit by Google WordPress plugin before 1.176.0 does not properly restrict a REST API write endpoint to administrators, allowing lower-privileged users who have been granted dashboard sharing access such as Editors to modify a site-wide Site Kit by Google WordPress plugin before 1.176.0...
PT-2026-47059
Name of the Vulnerable Software and Affected Versions Site Kit by Google WordPress plugin versions prior to 1.176.0 Description A broken access control flaw exists in a REST API write endpoint that fails to properly restrict access to administrators. This allows lower-privileged users, such as...