Lucene search
K

11 matches found

NVD
NVD
added 5 days ago9 views

CVE-2026-10750

The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP tools after token authentication, allowing authenticated users with a low-privileged role such as Subscriber to read private content, enumerate all users and their roles, and create, modify,...

8.1CVSS0.00267EPSS
Exploits0References1
CVE
CVE
added 5 days ago16 views

CVE-2026-10750

CVE-2026-10750 concerns the Royal MCP WordPress plugin prior to 1.4.26. The issue arises because the plugin does not perform capability checks on most MCP tools after token authentication, enabling authenticated, low-privilege users (e.g., Subscriber) to read private content, enumerate users and ...

8.1CVSS5.8AI score0.00267EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:16 p.m.41 views

CVE-2026-54842 WordPress Royal MCP plugin <= 1.4.25 - Broken Access Control vulnerability

Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25...

8.1CVSS0.00195EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:16 p.m.5 views

EUVD-2026-39387

Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25...

8.1CVSS5.8AI score0.00195EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:16 p.m.21 views

CVE-2026-54842

The CVE describes a Missing Authorization vulnerability in the WordPress Royal MCP plugin (Royal MCP) affecting versions up to 1.4.25. The issue is categorized as Broken Access Control with a CVSS v3.1 base score of 8.1 (HIGH), with network attack vector, low attack complexity, and privileges req...

8.1CVSS5.8AI score0.00195EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/18 1:20 p.m.5 views

WordPress Royal MCP plugin <= 1.4.25 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by dhamdham in WordPress Plugin Royal MCP versions = 1.4.25...

8.1CVSS5.8AI score0.00195EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/15 9:30 p.m.7 views

EUVD-2026-36984

Unauthenticated Broken Access Control in Royal MCP = 1.4.2 versions...

7.3CVSS5.1AI score0.00219EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.6 views

CVE-2026-40775

Unauthenticated Broken Access Control in Royal MCP = 1.4.2 versions...

7.3CVSS0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.26 views

CVE-2026-40775 WordPress Royal MCP plugin <= 1.4.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Royal MCP = 1.4.2 versions...

7.3CVSS0.00219EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49419

Unauthenticated Broken Access Control in Royal MCP = 1.4.2 versions...

7.3CVSS5.1AI score0.00219EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/21 3:23 p.m.21 views

WordPress Royal MCP plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Alexis Lafontaine in WordPress Plugin Royal MCP versions = 1.4.2...

5.8AI score0.00219EPSS
Exploits0Affected Software1
Rows per page
Query Builder