Penci AI SmartContent Creator: Unauthorized Access to Configuration

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

Penci AI SmartContent Creator: Unauthorized Access to Configuration

CVE-2026-27055

Summary

An issue in Penci AI SmartContent Creator allows unauthorized users to access and potentially modify sensitive settings. This affects all versions up to 2.0. To fix, update to the latest version or adjust access control settings to ensure proper authorization.

Original title

Missing Authorization vulnerability in PenciDesign Penci AI SmartContent Creator penci-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Penci AI SmartCo...

Original description

nvd CVSS3.1 4.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/penci-ai/vulnerability/wordpres...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026