Access Control Flaw in WP-CORS Plugin by tstephenson

CVE-2026-25410

What is CVE-2026-25410?

A missing authorization vulnerability exists in the WP-CORS plugin developed by tstephenson, allowing unauthorized access due to incorrectly configured access control security settings. This flaw affects users of WP-CORS versions up to 0.2.2, potentially exposing sensitive functionality and data to malicious actors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References