Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
PublisherDesk: Unauthorized Access to Configuration Files
CVE-2026-39698
Summary
A security flaw in PublisherDesk allows attackers to access sensitive configuration files without permission. This affects PublisherDesk versions 1.0 through 1.5.0. To fix this, update to a newer version of PublisherDesk or adjust access control settings to prevent unauthorized access.
Original title
Missing Authorization vulnerability in PublisherDesk The Publisher Desk ads.txt the-publisher-desk-ads-txt allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects...
Original description
Missing Authorization vulnerability in PublisherDesk The Publisher Desk ads.txt the-publisher-desk-ads-txt allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Publisher Desk ads.txt: from n/a through <= 1.5.0.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026