Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
LC Wizard: Incorrect Access Control Allows Unauthorized Changes
CVE-2025-68026
Summary
A security issue in LC Wizard allows hackers to make unauthorized changes to settings if the access control is not properly configured. This affects all versions of LC Wizard up to 2.1.1. Users should update to a patched version to prevent unauthorized changes.
Original title
Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through <= 2....
Original description
Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through <= 2.1.1.
nvd CVSS3.1
6.5
Vulnerability type
CWE-862
Missing Authorization
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026