Authorization Flaw in Prince Integrate Google Drive by Prince
CVE-2026-24540

5.4MEDIUM

Key Information:

Vendor: WordPress
Status: Integrate Google Drive
Vendor: CVE Published:; 23 January 2026

What is CVE-2026-24540?

The missing authorization vulnerability in Prince Integrate Google Drive allows attackers to exploit improperly configured access controls. This can lead to unauthorized access to sensitive data or functionalities within the affected product, compromising the integrity and confidentiality of user information. The flaw impacts versions of Integrate Google Drive up to and including 1.5.5. Users are encouraged to assess their security posture and implement necessary patches to mitigate risks associated with this vulnerability.

Affected Version(s)

Integrate Google Drive 0 <= 1.5.6

References

https://patchstack.com/database/Wordpress/Plugin/integrat...

vdb-entry

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 23, 2026
Vulnerability Reserved
Jan 23, 2026

Credit

Nabil Irawan | Patchstack Bug Bounty Program

CVE-2026-24540 Data

JSON