Missing Authorization Vulnerability in Market Exporter by Anton Vanyukov
CVE-2025-26995

5.4MEDIUM

Key Information:

Vendor: Anton Vanyukov
Status: Market Exporter
Vendor: CVE Published:; 25 February 2025

Summary

The vulnerability in the Market Exporter by Anton Vanyukov arises from inadequate access control configurations, which may allow unauthorized users to access functionalities and data they should not be permitted to. This flaw affects versions up to 2.0.21, potentially compromising the integrity and confidentiality of sensitive information. Users are advised to review their access control settings and apply necessary updates to safeguard against exploitation.

Affected Version(s)

Market Exporter <= 2.0.21

References

https://patchstack.com/database/wordpress/plugin/market-e...

vdb-entry

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Feb 17, 2025

Credit

Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance)