RPS Include Content: Unauthorized Access via Incorrect Security Settings

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

RPS Include Content: Unauthorized Access via Incorrect Security Settings

CVE-2026-39639

Summary

If not set properly, the RPS Include Content plugin can be accessed by unauthorized users, potentially allowing them to view sensitive information. This issue affects RPS Include Content versions 1.2.2 and earlier. To fix, update the plugin to a patched version or properly configure access control settings.

Original title

Missing Authorization vulnerability in redpixelstudios RPS Include Content rps-include-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RPS Include...

Original description

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/rps-include-content/vulnerabili...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026