WZone Access Control Security Levels Misconfigured, Allowing Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.4

WZone Access Control Security Levels Misconfigured, Allowing Unauthorized Access

CVE-2026-25473

Summary

A security issue exists in WZone versions up to 14.0.31, allowing an attacker to access areas they shouldn't. This is a concern because it could lead to unauthorized actions within the application. Update to a fixed version to resolve the issue.

Original title

Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through <= 14.0.31.

Original description

Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through <= 14.0.31.

nvd CVSS3.1 5.4

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/woozone/vulnerability/wordpress...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026