DirectoryPress Security: Unauthorized Access to Configured Directories

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

DirectoryPress Security: Unauthorized Access to Configured Directories

CVE-2026-23548

Summary

A security weakness in DirectoryPress allows attackers to access sensitive areas of your website if access controls are not set up correctly. This affects versions of DirectoryPress up to 3.6.25. To stay protected, update to the latest version of DirectoryPress or review your access control settings.

Original title

Missing Authorization vulnerability in designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/...

Original description

nvd CVSS3.1 5.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/directorypress/vulnerability/wo...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026