Missing Authorization in ikreatethemes Business Roy Theme
CVE-2026-25395

Currently unrated

Key Information:

Vendor

WordPress
Status
Business Roy
Vendor
CVE Published:
19 February 2026

What is CVE-2026-25395?

The ikreatethemes Business Roy theme contains a missing authorization vulnerability that stems from incorrectly configured access control security levels. This flaw allows unauthorized users to exploit the system, potentially gaining access to restricted functionalities. Affected versions of the Business Roy theme are from an unspecified release up to and including version 1.1.4. It is crucial for users of this theme to assess their current version and implement necessary security updates to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Business Roy <= n/a

References

https://patchstack.com/database/Wordpress/Theme/business-...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

0xd4rk5id3 | Patchstack Bug Bounty Program
JSON
.