Ashe: Unauthorized Access Due to Incorrect Security Settings

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Ashe: Unauthorized Access Due to Incorrect Security Settings

CVE-2026-39627

Summary

A missing security feature in Ashe can let attackers access sensitive areas of your website or application without permission. This affects Ashe software versions up to 2.266. To fix, update to a newer version of Ashe or adjust your security settings to ensure proper access control.

Original title

Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from n/a through <= 2.266.

Original description

Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from n/a through <= 2.266.

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Theme/ashe/vulnerability/wordpress-ash...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026