Unauthorized Access to Pet Shop and Veterinary WordPress Theme

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.4

Unauthorized Access to Pet Shop and Veterinary WordPress Theme

CVE-2026-22383

Summary

An attacker can access restricted areas of the Pet Shop and Veterinary WordPress Theme if the administrator incorrectly configures access levels. This could allow an attacker to view or modify sensitive information. Administrators should update to the latest version of the theme to ensure proper access control is in place.

Original title

Original description

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3.

nvd CVSS3.1 5.4

Vulnerability type

CWE-639 Authorization Bypass Through User-Controlled Key

https://patchstack.com/database/Wordpress/Theme/pawfriends/vulnerability/wordpre...

Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026