ModelTheme Framework: Insecure Access Control Allows Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

ModelTheme Framework: Insecure Access Control Allows Unauthorized Access

CVE-2025-69303

Summary

An outdated version of the ModelTheme Framework has a security weakness that lets users access areas they shouldn't. This is a concern because it could allow unauthorized changes or data exposure. Update to the latest version (1.9.3 or higher) to fix this issue.

Original title

Missing Authorization vulnerability in modeltheme ModelTheme Framework modeltheme-framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ModelTheme Fra...

Original description

nvd CVSS3.1 7.5

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/modeltheme-framework/vulnerabil...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026