Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
InstaWP Connect: Incorrect Access Control Exposes Data
CVE-2026-39504
Summary
A security issue in InstaWP Connect means that some users may be able to access data they shouldn't. This is because the way access control is set up in the software is not strict enough. You should update InstaWP Connect to the latest version to fix this problem.
Original title
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a t...
Original description
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.2.5.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026