Missing Authorization Vulnerability in Majestic Support Plugin for WordPress
CVE-2026-40778

Currently unrated

Key Information:

Vendor: WordPress
Status: Majestic Support
Vendor: CVE Published:; 15 April 2026

What is CVE-2026-40778?

A vulnerability has been identified in the Majestic Support plugin for WordPress, which allows unauthorized access due to incorrectly configured access control security levels. This could enable attackers to exploit the plugin and gain access to sensitive functionalities without proper authentication. Users running versions of Majestic Support up to 1.1.2 are particularly at risk, and it is essential to implement necessary security measures to mitigate potential threats.

Affected Version(s)

Majestic Support 0 <= 1.1.2

References

https://patchstack.com/database/Wordpress/Plugin/majestic...

vdb-entry

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2026
Vulnerability Reserved
Apr 15, 2026

Credit

Jakub Herman | Patchstack Bug Bounty Program

CVE-2026-40778 Data

JSON