Sober theme: unauthorized access to settings possible due to misconfigured access control

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

Sober theme: unauthorized access to settings possible due to misconfigured access control

CVE-2026-25459

Summary

A security issue exists in Sober themes where users with incorrect security settings can access settings they shouldn't. This affects Sober themes version 3.5.12 and earlier. To stay secure, update to the latest version of Sober.

Original title

Missing Authorization vulnerability in uixthemes Sober sober allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sober: from n/a through <= 3.5.12.

Original description

Missing Authorization vulnerability in uixthemes Sober sober allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sober: from n/a through <= 3.5.12.

nvd CVSS3.1 4.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Theme/sober/vulnerability/wordpress-so...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026