Missing Authorization Vulnerability in Bowo Admin and Site Enhancements Plugin
CVE-2026-32423
5.4MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 13 March 2026
What is CVE-2026-32423?
A missing authorization vulnerability exists in the Bowo Admin and Site Enhancements (ASE) plugin, allowing attackers to exploit incorrectly configured access control security levels. This issue affects all versions up to and including 8.4.0, potentially compromising admin-level access to the site's functionalities and sensitive data. Site administrators should take immediate action by updating the plugin to safeguard their installations against unauthorized access.
Affected Version(s)
Admin and Site Enhancements (ASE) 0 <= 8.4.0