Wp Ultimate Review: Incorrect Security Settings Allow Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

Wp Ultimate Review: Incorrect Security Settings Allow Unauthorized Access

CVE-2026-39644

Summary

A security flaw in Wp Ultimate Review allows unauthorized users to access parts of the plugin they shouldn't. If not fixed, this could lead to sensitive data being viewed or modified. Update to version 2.3.9 or later to protect your site.

Original title

Missing Authorization vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wp Ultimate Review: fr...

Original description

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/wp-ultimate-review/vulnerabilit...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026