CVE-2025-67926

CVE-2025-67926 is a public WordPress vulnerability described by Wordfence in the January 2026 weekly vulnerability report. It is a Missing Authorization issue in Fluent Support (WordPress plugin) where access control is incorrectly configured, affecting Fluent Support versions up to 1.10.4. The C...

CVE-2025-67926 WordPress Fluent Support plugin <= 1.10.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through = 1.10.4...

WordPress Fluent Support Plugin <= 1.8.0 is vulnerable to Broken Access Control

Software Fluent Support Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.8.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47302 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1b6430288129 Credits Khalid Yusuf Required privileg...

WordPress Fluent Support Plugin <= 1.7.6 is vulnerable to SQL Injection

Software Fluent Support Type Plugin Vulnerable versions = 1.7.6 Fixed in 1.7.7 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-51547 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 5aa5f4266c5e Credits Yudistira Arya Required privilege Administrator...