Really Simple Security < 9.1.2 - Authentication Bypass

The Really Simple Security Free, Pro, and Pro Multisite plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'checkloginandgetuser' function. This makes it possible...

CVE-2026-48970

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

EUVD-2026-36866

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

CVE-2026-48970

The CVE affects WordPress the Really Simple SSL plugin (versions

CVE-2026-48969

Subscriber Broken Access Control in Really Simple SSL = 9.5.9 versions...

CVE-2026-48969 WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in Really Simple SSL = 9.5.9 versions...

CVE-2026-48969

CVE-2026-48969 describes a Broken Access Control vulnerability in the WordPress plugin Really Simple SSL prior to or equal to version 9.5.9 . The initial description and connected records confirm the affected product and version range; the CVSS metrics indicate a Network attack vector with Low pr...

EUVD-2026-36723

Subscriber Broken Access Control in Really Simple SSL = 9.5.9 versions...

PT-2026-49496

Name of the Vulnerable Software and Affected Versions Really Simple SSL versions prior to 9.5.11 Description Broken authentication allows unauthenticated users to bypass security controls. Recommendations Update to version 9.5.11 or later...

VulnCheck KEV: CVE-2026-48969

Subscriber Broken Access Control in Really Simple SSL = 9.5.9 versions...

WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Septio Noerdiansyah in WordPress Plugin Really Simple SSL versions = 9.5.10...

WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Evan NR in WordPress Plugin Really Simple SSL versions = 9.5.9...

CVE-2026-32461

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

WordPress Really Simple SSL plugin <= 9.5.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Or Benit in WordPress Plugin Really Simple SSL versions = 9.5.7...

EUVD-2026-12021

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

CVE-2026-32461

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

CVE-2026-32461

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

CVE-2026-32461 WordPress Really Simple SSL plugin <= 9.5.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...