Business Roy Configuration Error Lets Unapproved Users Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

Business Roy Configuration Error Lets Unapproved Users Access

CVE-2026-25395

Summary

A configuration mistake in Business Roy allows unauthorized users to access areas they shouldn't. This is a serious issue because it lets people who shouldn't have permission do things they shouldn't be able to do. If you use Business Roy, check your configuration to make sure you're not vulnerable.

Original title

Missing Authorization vulnerability in ikreatethemes Business Roy business-roy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Roy: from n/a thro...

Original description

nvd CVSS3.1 4.3

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Theme/business-roy/vulnerability/wordp...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026