Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
CVE-2026-24634: Ultimate Reviews Settings Can Be Easily Misconfigured
CVE-2026-24634
Summary
A security issue in Ultimate Reviews software allows an attacker to bypass security settings if the administrator has incorrectly configured the system. This means an attacker may be able to access sensitive data or perform actions they shouldn't be able to. To fix this, ensure you're using the latest version of Ultimate Reviews and double-check your security settings.
Original title
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff...
Original description
Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Reviews: from n/a through <= 3.2.16.
nvd CVSS3.1
5.3
Vulnerability type
CWE-639
Authorization Bypass Through User-Controlled Key
Published: 23 Jan 2026 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026