Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
NotificationX: Unrestricted Access to Restricted Functions
CVE-2026-27042
Summary
The NotificationX plugin for WordPress has an issue where users with incorrect access levels can do things they shouldn't be able to do. This could lead to sensitive data being accessed or modified. To fix this, update to version 3.2.2 or later of the plugin.
Original title
Missing Authorization vulnerability in WPDeveloper NotificationX notificationx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NotificationX: from n/a thr...
Original description
Missing Authorization vulnerability in WPDeveloper NotificationX notificationx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NotificationX: from n/a through <= 3.2.1.
nvd CVSS3.1
5.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026