Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.3
Hello FSE Themes: Unprotected Access with Incorrect Security Settings
CVE-2026-25393
Summary
A security issue in Hello FSE themes allows unauthorized access to certain features. This affects versions of Hello FSE up to 1.0.6. To stay secure, update to the latest version of Hello FSE.
Original title
Missing Authorization vulnerability in sparklewpthemes Hello FSE hello-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE: from n/a through <= ...
Original description
Missing Authorization vulnerability in sparklewpthemes Hello FSE hello-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE: from n/a through <= 1.0.6.
nvd CVSS3.1
4.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026