WP Wand ai-content-generation allows unauthorized access to sensitive content

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.4

WP Wand ai-content-generation allows unauthorized access to sensitive content

CVE-2026-25391

Summary

WP Wand, a plugin used in WordPress sites, has a security issue that allows unauthorized users to access sensitive content. This could lead to sensitive information being compromised, which could harm the site's reputation and user trust. Update to the latest version of WP Wand to fix this issue.

Original title

Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through <=...

Original description

nvd CVSS3.1 5.4

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/ai-content-generation/vulnerabi...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026