Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Glowlogix WP Frontend Profile: Unauthorized Access to User Data
CVE-2026-39688
Summary
A security flaw in Glowlogix WP Frontend Profile allows unauthorized access to user data when access control settings are incorrectly configured. This affects versions 1.3.9 and earlier of the plugin. To fix the issue, update the plugin to the latest version or adjust access control settings to prevent unauthorized access.
Original title
Missing Authorization vulnerability in Glowlogix WP Frontend Profile wp-front-end-profile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Frontend Prof...
Original description
Missing Authorization vulnerability in Glowlogix WP Frontend Profile wp-front-end-profile allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Frontend Profile: from n/a through <= 1.3.9.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026