CVE-2026-57676 - WordPress Simple User Avatar plugin <= 4.9 - Insecure Direct Object References (IDOR) vulnerability
CVE ID :CVE-2026-57676
Published : June 29, 2026, 8:19 a.m. | 2 hours, 23 minutes ago
Description :Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User Avatar: from n/a through 4.9.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 29, 2026, 8:19 a.m. | 2 hours, 23 minutes ago
Description :Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User Avatar: from n/a through 4.9.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...