Access Control Flaw in myCred Plugin by Saad Iqbal
CVE-2026-61968
5.4MEDIUM
What is CVE-2026-61968?
The myCred plugin developed by Saad Iqbal has a missing authorization vulnerability that allows for exploitation due to incorrectly configured access control security levels. This vulnerability can enable unauthorized users to gain access to restricted resources, potentially compromising the integrity of the site. Affected versions include all up to 3.1.2, making it critical for users to implement the latest updates and security measures to safeguard their WordPress installations.
Affected Version(s)
myCred 0 <= 3.1.2