Missing Authorization Flaw in wpWax Directorist Plugin
CVE-2026-39509
5.3MEDIUM
What is CVE-2026-39509?
The wpWax Directorist plugin suffers from a missing authorization vulnerability due to incorrectly configured access control security levels. This flaw enables unauthorized actions by exploiting these security misconfigurations. The issue affects versions up to 8.5.10, necessitating prompt attention from users to secure their installations.
Affected Version(s)
Directorist 0 <= 8.5.10