Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
WPSchoolPress: Insecure Access Control Lets Hackers Access Sensitive Data
CVE-2026-39631
Summary
WPSchoolPress, a plugin for WordPress, has a security weakness that lets hackers access sensitive data if the access control settings are not correctly set. This means that sensitive information could be exposed to unauthorized individuals. To fix this, update WPSchoolPress to the latest version.
Original title
Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n...
Original description
Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.35.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026