Missing Authorization Vulnerability in Katalogportal PDF Sync Plugin for WordPress
CVE-2026-3649
Key Information:
- Vendor: WordPress
- CVE Published: 15 April 2026
What is CVE-2026-3649?
The Katalogportal PDF Sync plugin for WordPress contains a vulnerability that allows authenticated users to access information for which they lack permission. The cause is the katalogportal_popup_shortcode() function, which performs neither the required capability check nor nonce verification. As a result, any user with an account, down to those with minimal permissions such as Subscribers, can exploit this weakness: they can make AJAX calls that retrieve all synchronized PDF attachments, both public and private, together with sensitive metadata. This missing authorization check can expose potentially confidential data, so immediate mitigation is necessary.
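As an added illustration (not the plugin's own code), the pattern the advisory describes next to the checks that close it: a WordPress AJAX handler that lists synchronized PDF attachments without any authorization, and a hardened version that verifies a nonce, requires a capability and filters items by the caller's read permission. The hook name, function names, nonce action and capability used here are assumptions.

```php
<?php
// Added illustration, not code from the Katalogportal PDF Sync plugin.
// Hook name, function names, nonce action and capability are assumptions.

// Pattern the advisory describes (shown for contrast, not hooked): no nonce
// or capability check, so any logged-in user gets every synced PDF.
function katalogportal_list_pdfs_unchecked() {
    $pdfs = get_posts( array(
        'post_type'      => 'attachment',
        'post_mime_type' => 'application/pdf',
        'post_status'    => 'inherit',   // parent may be private or draft
        'posts_per_page' => -1,
    ) );
    wp_send_json_success( $pdfs );       // full post objects, metadata included
}

// Hardened handler: nonce check, capability check, per-item read check,
// and a minimal response shape.
add_action( 'wp_ajax_katalogportal_list_pdfs', 'katalogportal_list_pdfs_checked' );
function katalogportal_list_pdfs_checked() {
    // Dies with -1 / HTTP 403 when the 'nonce' parameter is missing or invalid.
    check_ajax_referer( 'katalogportal_list_pdfs', 'nonce' );

    // Gate the endpoint on a capability Subscribers do not hold.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    $ids = get_posts( array(
        'post_type'      => 'attachment',
        'post_mime_type' => 'application/pdf',
        'post_status'    => 'inherit',
        'posts_per_page' => -1,
        'fields'         => 'ids',
    ) );

    $out = array();
    foreach ( $ids as $id ) {
        // read_post on an attachment resolves to the parent's status, so
        // attachments of private or draft posts are skipped for this user.
        if ( ! current_user_can( 'read_post', $id ) ) {
            continue;
        }
        $out[] = array( 'id' => $id, 'url' => wp_get_attachment_url( $id ) );
    }
    wp_send_json_success( $out );
}
```

The page-side script must send a nonce created with wp_create_nonce( 'katalogportal_list_pdfs' ) (for example passed via wp_localize_script()) as the nonce parameter, otherwise the hardened handler rejects every request.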
Affected Version(s)
Katalogportal-pdf-sync Widget: all versions from 0 up to and including 1.0.0 (<= 1.0.0)