Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Authorsy allows unauthorized access with incorrect security settings
CVE-2026-24950
Summary
An error in Authorsy's security settings can allow unauthorized users to access certain features. This issue affects Authorsy versions up to 1.0.6. To fix the issue, update to a newer version of Authorsy.
Original title
Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Authorsy: f...
Original description
Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Authorsy: from n/a through <= 1.0.6.
nvd CVSS3.1
7.5
Vulnerability type
CWE-639
Authorization Bypass Through User-Controlled Key
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026