Shiprocket Access Control Configuration Error Exposes Sensitive Data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.4

Shiprocket Access Control Configuration Error Exposes Sensitive Data

CVE-2025-68051

Summary

Incorrect access control settings in Shiprocket allow unauthorized access to sensitive information. This can happen when an attacker configures access controls incorrectly, potentially putting user data at risk. Shiprocket users should review and correct their access control settings to prevent unauthorized access.

Original title

Authorization Bypass Through User-Controlled Key vulnerability in Shiprocket Shiprocket shiprocket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiproc...

Original description

nvd CVSS3.1 7.4

Vulnerability type

CWE-639 Authorization Bypass Through User-Controlled Key

https://patchstack.com/database/Wordpress/Plugin/shiprocket/vulnerability/wordpr...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026