CVE-2026-25009 WordPress Education Zone theme <= 1.3.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Zone: from n/a through = 1.3.8...

CVE-2026-25009

CVE-2026-25009 is a Missing Authorization vulnerability in Education Zone WordPress Theme. Affected software: Education Zone versions up to and including 1.3.8 (no details on earlier/other variants provided). Root cause: insufficient access control configuration allowing unauthorized actions on p...

WordPress Education Zone theme <= 1.3.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Education Zone versions = 1.3.8...

WordPress Education Zone Theme <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Education Zone Type Theme Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37103 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2d545d5d9f5a Credits Dhabaleshwar Das...