Fitness FSE: Unauthorized Access to Sensitive Pages

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

Fitness FSE: Unauthorized Access to Sensitive Pages

CVE-2026-25394

Summary

The Fitness FSE plugin has a security flaw that could allow unauthorized users to access sensitive pages. This means that users who shouldn't have access might be able to view or edit information they shouldn't. To protect your site, update the Fitness FSE plugin to the latest version, which has fixed this issue.

Original title

Missing Authorization vulnerability in sparklewpthemes Fitness FSE fitness-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fitness FSE: from n/a throu...

Original description

nvd CVSS3.1 4.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Theme/fitness-fse/vulnerability/wordpr...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026